[SUSE-SU-2018:2328-1] Security update for the Linux Kernel

Severity Important

Affected Packages 38

CVEs 5

Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.143 to receive various security and bugfixes.

The following security bugs were fixed:

CVE-2018-5390 aka 'SegmentSmack': Linux kernel could be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service (bnc#1102340).
CVE-2018-14734: drivers/infiniband/core/ucma.c in the Linux kernel allowed ucma_leave_multicast to access a certain data structure after a cleanup step in ucma_process_join, which allowed attackers to cause a denial of service (use-after-free) (bnc#1103119).
CVE-2017-18344: The timer_create syscall implementation in kernel/time/posix-timers.c didn't properly validate the sigevent->sigev_notify field, which lead to out-of-bounds access in the show_timer function (called when /proc/$PID/timers is read). This allowed userspace applications to read arbitrary kernel memory (on a kernel built with CONFIG_POSIX_TIMERS and CONFIG_CHECKPOINT_RESTORE) (bnc#1102851 bnc#1103580).
CVE-2018-3620: Local attackers on baremetal systems could use speculative code patterns on hyperthreaded processors to read data present in the L1 Datacache used by other hyperthreads on the same CPU core, potentially leaking sensitive data. (bnc#1087081).
CVE-2018-3646: Local attackers in virtualized guest systems could use speculative code patterns on hyperthreaded processors to read data present in the L1 Datacache used by other hyperthreads on the same CPU core, potentially leaking sensitive data, even from other virtual machines or the host system. (bnc#1089343).

The following non-security bugs were fixed:

Add support for 5,25,50, and 100G to 802.3ad bonding driver (bsc#1096978)
ahci: Disable LPM on Lenovo 50 series laptops with a too old BIOS (bnc#1012382).
arm64: do not open code page table entry creation (bsc#1102197).
arm64: kpti: Use early_param for kpti= command-line option (bsc#1102188).
arm64: Make sure permission updates happen for pmd/pud (bsc#1102197).
atm: zatm: Fix potential Spectre v1 (bnc#1012382).
bcm63xx_enet: correct clock usage (bnc#1012382).
bcm63xx_enet: do not write to random DMA channel on BCM6345 (bnc#1012382).
blacklist 9fb8d5dc4b64 ('stop_machine: Disable preemption when waking two stopper threads') Preemption is already disabled inside cpu_stop_queue_two_works() in SLE12-SP3 because it does not have commit 6a19005157c4 ('stop_machine: Do not disable preemption in stop_two_cpus()')
block: copy ioprio in __bio_clone_fast() (bsc#1082653).
bpf: fix loading of BPF_MAXINSNS sized programs (bsc#1012382).
bpf, x64: fix memleak when not converging after image (bsc#1012382).
cachefiles: Fix missing clear of the CACHEFILES_OBJECT_ACTIVE flag (bsc#1099858).
cachefiles: Fix refcounting bug in backing-file read monitoring (bsc#1099858).
cachefiles: Wait rather than BUG'ing on 'Unexpected object collision' (bsc#1099858).
cifs: fix bad/NULL ptr dereferencing in SMB2_sess_setup() (bsc#1090123).
compiler, clang: always inline when CONFIG_OPTIMIZE_INLINING is disabled (bnc#1012382).
compiler, clang: properly override 'inline' for clang (bnc#1012382).
compiler, clang: suppress warning for unused static inline functions (bnc#1012382).
compiler-gcc.h: Add attribute((gnu_inline)) to all inline declarations (bnc#1012382).
cpu/hotplug: Add sysfs state interface (bsc#1089343).
cpu/hotplug: Provide knobs to control SMT (bsc#1089343).
cpu/hotplug: Split do_cpu_down() (bsc#1089343).
crypto: crypto4xx - fix crypto4xx_build_pdr, crypto4xx_build_sdr leak (bnc#1012382).
crypto: crypto4xx - remove bad list_del (bnc#1012382).
drm/msm: Fix possible null dereference on failure of get_pages() (bsc#1102394).
drm: re-enable error handling (bsc#1103884).
fscache: Allow cancelled operations to be enqueued (bsc#1099858).
fscache: Fix reference overput in fscache_attach_object() error handling (bsc#1099858).
hid: usbhid: add quirk for innomedia INNEX GENESIS/ATARI adapter (bnc#1012382).
ibmasm: do not write out of bounds in read handler (bnc#1012382).
ibmvnic: Fix error recovery on login failure (bsc#1101789).
iw_cxgb4: correctly enforce the max reg_mr depth (bnc#1012382).
kabi protect includes in include/linux/inet.h (bsc#1095643).
KABI protect net/core/utils.c includes (bsc#1095643).
kABI: protect struct loop_device (kabi).
kABI: reintroduce __static_cpu_has_safe (kabi).
kbuild: fix # escaping in .cmd files for future Make (bnc#1012382).
keys: DNS: fix parsing multiple options (bnc#1012382).
kvm: arm/arm64: Drop resource size check for GICV window (bsc#1102215).
kvm: arm/arm64: Set dist->spis to NULL after kfree (bsc#1102214).
loop: add recursion validation to LOOP_CHANGE_FD (bnc#1012382).
loop: remember whether sysfs_create_group() was done (bnc#1012382).
mmc: dw_mmc: fix card threshold control configuration (bsc#1102203).
mm: check VMA flags to avoid invalid PROT_NONE NUMA balancing (bsc#1097771).
net: cxgb3_main: fix potential Spectre v1 (bnc#1012382).
net: dccp: avoid crash in ccid3_hc_rx_send_feedback() (bnc#1012382).
net: dccp: switch rx_tstamp_last_feedback to monotonic clock (bnc#1012382).
netfilter: ebtables: reject non-bridge targets (bnc#1012382).
netfilter: nf_queue: augment nfqa_cfg_policy (bnc#1012382).
netfilter: x_tables: initialise match/target check parameter struct (bnc#1012382).
net/mlx5: Fix command interface race in polling mode (bnc#1012382).
net/mlx5: Fix incorrect raw command length parsing (bnc#1012382).
net: mvneta: fix the Rx desc DMA address in the Rx path (bsc#1102207).
net/nfc: Avoid stalls when nfc_alloc_send_skb() returned NULL (bnc#1012382).
net: off by one in inet6_pton() (bsc#1095643).
net: phy: marvell: Use strlcpy() for ethtool::get_strings (bsc#1102205).
net_sched: blackhole: tell upper qdisc about dropped packets (bnc#1012382).
net: sungem: fix rx checksum support (bnc#1012382).
net/utils: generic inet_pton_with_scope helper (bsc#1095643).
nvme-rdma: Check remotely invalidated rkey matches our expected rkey (bsc#1092001).
nvme-rdma: default MR page size to 4k (bsc#1092001).
nvme-rdma: do not complete requests before a send work request has completed (bsc#1092001).
nvme-rdma: do not suppress send completions (bsc#1092001).
nvme-rdma: Fix command completion race at error recovery (bsc#1090435).
nvme-rdma: make nvme_rdma_[create|destroy]_queue_ib symmetrical (bsc#1092001).
nvme-rdma: use inet_pton_with_scope helper (bsc#1095643).
nvme-rdma: Use mr pool (bsc#1092001).
nvme-rdma: wait for local invalidation before completing a request (bsc#1092001).
ocfs2: subsystem.su_mutex is required while accessing the item->ci_parent (bnc#1012382).
pci: ibmphp: Fix use-before-set in get_max_bus_speed() (bsc#1100132).
perf tools: Move syscall number fallbacks from perf-sys.h to tools/arch/x86/include/asm/ (bnc#1012382).
pm / hibernate: Fix oops at snapshot_write() (bnc#1012382).
powerpc/64: Initialise thread_info for emergency stacks (bsc#1094244, bsc#1100930, bsc#1102683).
qed: Limit msix vectors in kdump kernel to the minimum required count (bnc#1012382).
r8152: napi hangup fix after disconnect (bnc#1012382).
rdma/ucm: Mark UCM interface as BROKEN (bnc#1012382).
rds: avoid unenecessary cong_update in loop transport (bnc#1012382).
Revert 'sit: reload iphdr in ipip6_rcv' (bnc#1012382).
Revert 'x86/cpufeature: Move some of the scattered feature bits to x86_capability' (kabi).
Revert 'x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6' (kabi).
rtlwifi: rtl8821ae: fix firmware is not ready to run (bnc#1012382).
s390/qeth: fix error handling in adapter command callbacks (bnc#1103745, LTC#169699).
sched/smt: Update sched_smt_present at runtime (bsc#1089343).
smsc75xx: Add workaround for gigabit link up hardware errata (bsc#1100132).
smsc95xx: Configure pause time to 0xffff when tx flow control enabled (bsc#1085536).
tcp: fix Fast Open key endianness (bnc#1012382).
tcp: prevent bogus FRTO undos with non-SACK flows (bnc#1012382).
tools build: fix # escaping in .cmd files for future Make (bnc#1012382).
uprobes/x86: Remove incorrect WARN_ON() in uprobe_init_insn() (bnc#1012382).
usb: core: handle hub C_PORT_OVER_CURRENT condition (bsc#1100132).
usb: quirks: add delay quirks for Corsair Strafe (bnc#1012382).
usb: serial: ch341: fix type promotion bug in ch341_control_in() (bnc#1012382).
usb: serial: cp210x: add another USB ID for Qivicon ZigBee stick (bnc#1012382).
usb: serial: keyspan_pda: fix modem-status error handling (bnc#1012382).
usb: serial: mos7840: fix status-register error handling (bnc#1012382).
usb: yurex: fix out-of-bounds uaccess in read handler (bnc#1012382).
vfio: platform: Fix reset module leak in error path (bsc#1102211).
vhost_net: validate sock before trying to put its fd (bnc#1012382).
vmw_balloon: fix inflation with batching (bnc#1012382).
x86/alternatives: Add an auxilary section (bnc#1012382).
x86/alternatives: Discard dynamic check after init (bnc#1012382).
x86/apic: Ignore secondary threads if nosmt=force (bsc#1089343).
x86/asm: Add _ASM_ARG* constants for argument registers to <asm/asm.h> (bnc#1012382).
x86/boot: Simplify kernel load address alignment check (bnc#1012382).
x86/CPU/AMD: Do not check CPUID max ext level before parsing SMP info (bsc#1089343).
x86/cpu/AMD: Evaluate smp_num_siblings early (bsc#1089343).
x86/CPU/AMD: Move TOPOEXT reenablement before reading smp_num_siblings (bsc#1089343). Update config files.
x86/cpu/AMD: Remove the pointless detect_ht() call (bsc#1089343).
x86/cpu/common: Provide detect_ht_early() (bsc#1089343).
x86/cpufeature: Add helper macro for mask check macros (bnc#1012382).
x86/cpufeature: Carve out X86_FEATURE_* (bnc#1012382).
x86/cpufeature: Get rid of the non-asm goto variant (bnc#1012382).
x86/cpufeature: Make sure DISABLED/REQUIRED macros are updated (bnc#1012382).
x86/cpufeature: Move some of the scattered feature bits to x86_capability (bnc#1012382).
x86/cpufeature: Replace the old static_cpu_has() with safe variant (bnc#1012382).
x86/cpufeature: Speed up cpu_feature_enabled() (bnc#1012382).
x86/cpufeature: Update cpufeaure macros (bnc#1012382).
x86/cpu/intel: Evaluate smp_num_siblings early (bsc#1089343).
x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6 (bnc#1012382).
x86/cpu: Provide a config option to disable static_cpu_has (bnc#1012382).
x86/cpu: Remove the pointless CPU printout (bsc#1089343).
x86/cpu/topology: Provide detect_extended_topology_early() (bsc#1089343).
x86/fpu: Add an XSTATE_OP() macro (bnc#1012382).
x86/fpu: Get rid of xstate_fault() (bnc#1012382).
x86/headers: Do not include asm/processor.h in asm/atomic.h (bnc#1012382).
x86/mm/pkeys: Fix mismerge of protection keys CPUID bits (bnc#1012382).
x86/mm: Simplify p[g4um]d_page() macros (1087081).
x86/smpboot: Do not use smp_num_siblings in __max_logical_packages calculation (bsc#1089343).
x86/smp: Provide topology_is_primary_thread() (bsc#1089343).
x86/topology: Add topology_max_smt_threads() (bsc#1089343).
x86/topology: Provide topology_smt_supported() (bsc#1089343).
x86/vdso: Use static_cpu_has() (bnc#1012382).
xen/grant-table: log the lack of grants (bnc#1085042).
xen-netfront: Fix mismatched rtnl_unlock (bnc#1101658).
xen-netfront: Update features after registering netdev (bnc#1101658).
xhci: xhci-mem: off by one in xhci_stream_id_to_ring() (bnc#1012382).

Package	Affected Version
pkg:rpm/suse/lttng-modules?arch=x86_64&distro=sles-12&sp=3	< 2.7.1-8.4.2
pkg:rpm/suse/lttng-modules-kmp-default?arch=x86_64&distro=sles-12&sp=3	< 2.7.1_k4.4.143_94.47-8.4.2
pkg:rpm/suse/kernel-syms?arch=x86_64&distro=sles-12&sp=3	< 4.4.143-94.47.1
pkg:rpm/suse/kernel-syms?arch=x86_64&distro=sled-12&sp=3	< 4.4.143-94.47.1
pkg:rpm/suse/kernel-syms?arch=s390x&distro=sles-12&sp=3	< 4.4.143-94.47.1
pkg:rpm/suse/kernel-syms?arch=ppc64le&distro=sles-12&sp=3	< 4.4.143-94.47.1
pkg:rpm/suse/kernel-syms?arch=aarch64&distro=sles-12&sp=3	< 4.4.143-94.47.1
pkg:rpm/suse/kernel-source?arch=noarch&distro=sles-12&sp=3	< 4.4.143-94.47.1
pkg:rpm/suse/kernel-source?arch=noarch&distro=sled-12&sp=3	< 4.4.143-94.47.1
pkg:rpm/suse/kernel-macros?arch=noarch&distro=sles-12&sp=3	< 4.4.143-94.47.1
pkg:rpm/suse/kernel-macros?arch=noarch&distro=sled-12&sp=3	< 4.4.143-94.47.1
pkg:rpm/suse/kernel-devel?arch=noarch&distro=sles-12&sp=3	< 4.4.143-94.47.1
pkg:rpm/suse/kernel-devel?arch=noarch&distro=sled-12&sp=3	< 4.4.143-94.47.1
pkg:rpm/suse/kernel-default?arch=x86_64&distro=sles-12&sp=3	< 4.4.143-94.47.1
pkg:rpm/suse/kernel-default?arch=x86_64&distro=sled-12&sp=3	< 4.4.143-94.47.1
pkg:rpm/suse/kernel-default?arch=s390x&distro=sles-12&sp=3	< 4.4.143-94.47.1
pkg:rpm/suse/kernel-default?arch=ppc64le&distro=sles-12&sp=3	< 4.4.143-94.47.1
pkg:rpm/suse/kernel-default?arch=aarch64&distro=sles-12&sp=3	< 4.4.143-94.47.1
pkg:rpm/suse/kernel-default-man?arch=s390x&distro=sles-12&sp=3	< 4.4.143-94.47.1
pkg:rpm/suse/kernel-default-extra?arch=x86_64&distro=sled-12&sp=3	< 4.4.143-94.47.1
pkg:rpm/suse/kernel-default-devel?arch=x86_64&distro=sles-12&sp=3	< 4.4.143-94.47.1
pkg:rpm/suse/kernel-default-devel?arch=x86_64&distro=sled-12&sp=3	< 4.4.143-94.47.1
pkg:rpm/suse/kernel-default-devel?arch=s390x&distro=sles-12&sp=3	< 4.4.143-94.47.1
pkg:rpm/suse/kernel-default-devel?arch=ppc64le&distro=sles-12&sp=3	< 4.4.143-94.47.1
pkg:rpm/suse/kernel-default-devel?arch=aarch64&distro=sles-12&sp=3	< 4.4.143-94.47.1
pkg:rpm/suse/kernel-default-base?arch=x86_64&distro=sles-12&sp=3	< 4.4.143-94.47.1
pkg:rpm/suse/kernel-default-base?arch=s390x&distro=sles-12&sp=3	< 4.4.143-94.47.1
pkg:rpm/suse/kernel-default-base?arch=ppc64le&distro=sles-12&sp=3	< 4.4.143-94.47.1
pkg:rpm/suse/kernel-default-base?arch=aarch64&distro=sles-12&sp=3	< 4.4.143-94.47.1
pkg:rpm/suse/dpdk?arch=x86_64&distro=sles-12&sp=3	< 16.11.6-8.7.2
pkg:rpm/suse/dpdk?arch=ppc64le&distro=sles-12&sp=3	< 16.11.6-8.7.2
pkg:rpm/suse/dpdk?arch=aarch64&distro=sles-12&sp=3	< 16.11.6-8.7.2
pkg:rpm/suse/dpdk-tools?arch=x86_64&distro=sles-12&sp=3	< 16.11.6-8.7.2
pkg:rpm/suse/dpdk-tools?arch=ppc64le&distro=sles-12&sp=3	< 16.11.6-8.7.2
pkg:rpm/suse/dpdk-tools?arch=aarch64&distro=sles-12&sp=3	< 16.11.6-8.7.2
pkg:rpm/suse/dpdk-thunderx?arch=aarch64&distro=sles-12&sp=3	< 16.11.6-8.7.2
pkg:rpm/suse/dpdk-thunderx-kmp-default?arch=aarch64&distro=sles-12&sp=3	< 16.11.6_k4.4.143_94.47-8.7.2
pkg:rpm/suse/dpdk-kmp-default?arch=x86_64&distro=sles-12&sp=3	< 16.11.6_k4.4.143_94.47-8.7.2

ID

SUSE-SU-2018:2328-1

Severity

important

URL

https://www.suse.com/support/update/announcement/2018/suse-su-20182328-1/

Published

2018-08-14T17:02:07
(6 years ago)

Modified

2018-08-14T17:02:07
(6 years ago)

Rights

Other Advisories

Source	Name	URL
Suse	SUSE ratings	https://www.suse.com/support/security/rating/
Suse	URL of this CSAF notice	https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_2328-1.json
Suse	URL for SUSE-SU-2018:2328-1	https://www.suse.com/support/update/announcement/2018/suse-su-20182328-1/
Suse	E-Mail link for SUSE-SU-2018:2328-1	https://lists.suse.com/pipermail/sle-security-updates/2018-August/004414.html
Bugzilla	SUSE Bug 1012382	https://bugzilla.suse.com/1012382
Bugzilla	SUSE Bug 1082653	https://bugzilla.suse.com/1082653
Bugzilla	SUSE Bug 1085042	https://bugzilla.suse.com/1085042
Bugzilla	SUSE Bug 1085536	https://bugzilla.suse.com/1085536
Bugzilla	SUSE Bug 1087081	https://bugzilla.suse.com/1087081
Bugzilla	SUSE Bug 1089343	https://bugzilla.suse.com/1089343
Bugzilla	SUSE Bug 1090123	https://bugzilla.suse.com/1090123
Bugzilla	SUSE Bug 1090435	https://bugzilla.suse.com/1090435
Bugzilla	SUSE Bug 1092001	https://bugzilla.suse.com/1092001
Bugzilla	SUSE Bug 1094244	https://bugzilla.suse.com/1094244
Bugzilla	SUSE Bug 1095643	https://bugzilla.suse.com/1095643
Bugzilla	SUSE Bug 1096978	https://bugzilla.suse.com/1096978
Bugzilla	SUSE Bug 1097771	https://bugzilla.suse.com/1097771
Bugzilla	SUSE Bug 1099858	https://bugzilla.suse.com/1099858
Bugzilla	SUSE Bug 1100132	https://bugzilla.suse.com/1100132
Bugzilla	SUSE Bug 1100930	https://bugzilla.suse.com/1100930
Bugzilla	SUSE Bug 1101658	https://bugzilla.suse.com/1101658
Bugzilla	SUSE Bug 1101789	https://bugzilla.suse.com/1101789
Bugzilla	SUSE Bug 1102188	https://bugzilla.suse.com/1102188
Bugzilla	SUSE Bug 1102197	https://bugzilla.suse.com/1102197
Bugzilla	SUSE Bug 1102203	https://bugzilla.suse.com/1102203
Bugzilla	SUSE Bug 1102205	https://bugzilla.suse.com/1102205
Bugzilla	SUSE Bug 1102207	https://bugzilla.suse.com/1102207
Bugzilla	SUSE Bug 1102211	https://bugzilla.suse.com/1102211
Bugzilla	SUSE Bug 1102214	https://bugzilla.suse.com/1102214
Bugzilla	SUSE Bug 1102215	https://bugzilla.suse.com/1102215
Bugzilla	SUSE Bug 1102340	https://bugzilla.suse.com/1102340
Bugzilla	SUSE Bug 1102394	https://bugzilla.suse.com/1102394
Bugzilla	SUSE Bug 1102683	https://bugzilla.suse.com/1102683
Bugzilla	SUSE Bug 1102851	https://bugzilla.suse.com/1102851
Bugzilla	SUSE Bug 1103119	https://bugzilla.suse.com/1103119
Bugzilla	SUSE Bug 1103580	https://bugzilla.suse.com/1103580
Bugzilla	SUSE Bug 1103745	https://bugzilla.suse.com/1103745
Bugzilla	SUSE Bug 1103884	https://bugzilla.suse.com/1103884
CVE	SUSE CVE CVE-2017-18344 page	https://www.suse.com/security/cve/CVE-2017-18344/
CVE	SUSE CVE CVE-2018-14734 page	https://www.suse.com/security/cve/CVE-2018-14734/
CVE	SUSE CVE CVE-2018-3620 page	https://www.suse.com/security/cve/CVE-2018-3620/
CVE	SUSE CVE CVE-2018-3646 page	https://www.suse.com/security/cve/CVE-2018-3646/
CVE	SUSE CVE CVE-2018-5390 page	https://www.suse.com/security/cve/CVE-2018-5390/

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform	Arch
Affected	pkg:rpm/suse/lttng-modules?arch=x86_64&distro=sles-12&sp=3	suse	lttng-modules	< 2.7.1-8.4.2	sles-12	x86_64
Affected	pkg:rpm/suse/lttng-modules-kmp-default?arch=x86_64&distro=sles-12&sp=3	suse	lttng-modules-kmp-default	< 2.7.1_k4.4.143_94.47-8.4.2	sles-12	x86_64
Affected	pkg:rpm/suse/kernel-syms?arch=x86_64&distro=sles-12&sp=3	suse	kernel-syms	< 4.4.143-94.47.1	sles-12	x86_64
Affected	pkg:rpm/suse/kernel-syms?arch=x86_64&distro=sled-12&sp=3	suse	kernel-syms	< 4.4.143-94.47.1	sled-12	x86_64
Affected	pkg:rpm/suse/kernel-syms?arch=s390x&distro=sles-12&sp=3	suse	kernel-syms	< 4.4.143-94.47.1	sles-12	s390x
Affected	pkg:rpm/suse/kernel-syms?arch=ppc64le&distro=sles-12&sp=3	suse	kernel-syms	< 4.4.143-94.47.1	sles-12	ppc64le
Affected	pkg:rpm/suse/kernel-syms?arch=aarch64&distro=sles-12&sp=3	suse	kernel-syms	< 4.4.143-94.47.1	sles-12	aarch64
Affected	pkg:rpm/suse/kernel-source?arch=noarch&distro=sles-12&sp=3	suse	kernel-source	< 4.4.143-94.47.1	sles-12	noarch
Affected	pkg:rpm/suse/kernel-source?arch=noarch&distro=sled-12&sp=3	suse	kernel-source	< 4.4.143-94.47.1	sled-12	noarch
Affected	pkg:rpm/suse/kernel-macros?arch=noarch&distro=sles-12&sp=3	suse	kernel-macros	< 4.4.143-94.47.1	sles-12	noarch
Affected	pkg:rpm/suse/kernel-macros?arch=noarch&distro=sled-12&sp=3	suse	kernel-macros	< 4.4.143-94.47.1	sled-12	noarch
Affected	pkg:rpm/suse/kernel-devel?arch=noarch&distro=sles-12&sp=3	suse	kernel-devel	< 4.4.143-94.47.1	sles-12	noarch
Affected	pkg:rpm/suse/kernel-devel?arch=noarch&distro=sled-12&sp=3	suse	kernel-devel	< 4.4.143-94.47.1	sled-12	noarch
Affected	pkg:rpm/suse/kernel-default?arch=x86_64&distro=sles-12&sp=3	suse	kernel-default	< 4.4.143-94.47.1	sles-12	x86_64
Affected	pkg:rpm/suse/kernel-default?arch=x86_64&distro=sled-12&sp=3	suse	kernel-default	< 4.4.143-94.47.1	sled-12	x86_64
Affected	pkg:rpm/suse/kernel-default?arch=s390x&distro=sles-12&sp=3	suse	kernel-default	< 4.4.143-94.47.1	sles-12	s390x
Affected	pkg:rpm/suse/kernel-default?arch=ppc64le&distro=sles-12&sp=3	suse	kernel-default	< 4.4.143-94.47.1	sles-12	ppc64le
Affected	pkg:rpm/suse/kernel-default?arch=aarch64&distro=sles-12&sp=3	suse	kernel-default	< 4.4.143-94.47.1	sles-12	aarch64
Affected	pkg:rpm/suse/kernel-default-man?arch=s390x&distro=sles-12&sp=3	suse	kernel-default-man	< 4.4.143-94.47.1	sles-12	s390x
Affected	pkg:rpm/suse/kernel-default-extra?arch=x86_64&distro=sled-12&sp=3	suse	kernel-default-extra	< 4.4.143-94.47.1	sled-12	x86_64
Affected	pkg:rpm/suse/kernel-default-devel?arch=x86_64&distro=sles-12&sp=3	suse	kernel-default-devel	< 4.4.143-94.47.1	sles-12	x86_64
Affected	pkg:rpm/suse/kernel-default-devel?arch=x86_64&distro=sled-12&sp=3	suse	kernel-default-devel	< 4.4.143-94.47.1	sled-12	x86_64
Affected	pkg:rpm/suse/kernel-default-devel?arch=s390x&distro=sles-12&sp=3	suse	kernel-default-devel	< 4.4.143-94.47.1	sles-12	s390x
Affected	pkg:rpm/suse/kernel-default-devel?arch=ppc64le&distro=sles-12&sp=3	suse	kernel-default-devel	< 4.4.143-94.47.1	sles-12	ppc64le
Affected	pkg:rpm/suse/kernel-default-devel?arch=aarch64&distro=sles-12&sp=3	suse	kernel-default-devel	< 4.4.143-94.47.1	sles-12	aarch64
Affected	pkg:rpm/suse/kernel-default-base?arch=x86_64&distro=sles-12&sp=3	suse	kernel-default-base	< 4.4.143-94.47.1	sles-12	x86_64
Affected	pkg:rpm/suse/kernel-default-base?arch=s390x&distro=sles-12&sp=3	suse	kernel-default-base	< 4.4.143-94.47.1	sles-12	s390x
Affected	pkg:rpm/suse/kernel-default-base?arch=ppc64le&distro=sles-12&sp=3	suse	kernel-default-base	< 4.4.143-94.47.1	sles-12	ppc64le
Affected	pkg:rpm/suse/kernel-default-base?arch=aarch64&distro=sles-12&sp=3	suse	kernel-default-base	< 4.4.143-94.47.1	sles-12	aarch64
Affected	pkg:rpm/suse/dpdk?arch=x86_64&distro=sles-12&sp=3	suse	dpdk	< 16.11.6-8.7.2	sles-12	x86_64
Affected	pkg:rpm/suse/dpdk?arch=ppc64le&distro=sles-12&sp=3	suse	dpdk	< 16.11.6-8.7.2	sles-12	ppc64le
Affected	pkg:rpm/suse/dpdk?arch=aarch64&distro=sles-12&sp=3	suse	dpdk	< 16.11.6-8.7.2	sles-12	aarch64
Affected	pkg:rpm/suse/dpdk-tools?arch=x86_64&distro=sles-12&sp=3	suse	dpdk-tools	< 16.11.6-8.7.2	sles-12	x86_64
Affected	pkg:rpm/suse/dpdk-tools?arch=ppc64le&distro=sles-12&sp=3	suse	dpdk-tools	< 16.11.6-8.7.2	sles-12	ppc64le
Affected	pkg:rpm/suse/dpdk-tools?arch=aarch64&distro=sles-12&sp=3	suse	dpdk-tools	< 16.11.6-8.7.2	sles-12	aarch64
Affected	pkg:rpm/suse/dpdk-thunderx?arch=aarch64&distro=sles-12&sp=3	suse	dpdk-thunderx	< 16.11.6-8.7.2	sles-12	aarch64
Affected	pkg:rpm/suse/dpdk-thunderx-kmp-default?arch=aarch64&distro=sles-12&sp=3	suse	dpdk-thunderx-kmp-default	< 16.11.6_k4.4.143_94.47-8.7.2	sles-12	aarch64
Affected	pkg:rpm/suse/dpdk-kmp-default?arch=x86_64&distro=sles-12&sp=3	suse	dpdk-kmp-default	< 16.11.6_k4.4.143_94.47-8.7.2	sles-12	x86_64

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date