Vulnerability-Lookup

CVE-2015-8539 (GCVE-0-2015-8539)

Vulnerability from cvelistv5 – Published: 2016-02-08 02:00 – Updated: 2024-08-06 08:20

Summary

The KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (BUG) via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and security/keys/user_defined.c.

Severity

No CVSS data available.

CWE

Assigner

mitre

References

24 references

URL	Tags
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
https://bugzilla.redhat.com/show_bug.cgi?id=1284450	x_refsource_CONFIRM
https://access.redhat.com/errata/RHSA-2018:0181	vendor-advisoryx_refsource_REDHAT
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
http://git.kernel.org/cgit/linux/kernel/git/torva…	x_refsource_CONFIRM
https://github.com/torvalds/linux/commit/096fe9ea…	x_refsource_CONFIRM
http://www.openwall.com/lists/oss-security/2015/12/09/1	mailing-listx_refsource_MLIST
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
https://access.redhat.com/errata/RHSA-2018:0152	vendor-advisoryx_refsource_REDHAT
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
https://access.redhat.com/errata/RHSA-2018:0151	vendor-advisoryx_refsource_REDHAT
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
https://usn.ubuntu.com/3798-1/	vendor-advisoryx_refsource_UBUNTU
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
https://usn.ubuntu.com/3798-2/	vendor-advisoryx_refsource_UBUNTU
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE

Date Public

2015-12-08 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T08:20:42.590Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SUSE-SU-2016:0337",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00009.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1284450"
          },
          {
            "name": "RHSA-2018:0181",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:0181"
          },
          {
            "name": "SUSE-SU-2016:0434",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00034.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=096fe9eaea40a17e125569f9e657e34cdb6d73bd"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/096fe9eaea40a17e125569f9e657e34cdb6d73bd"
          },
          {
            "name": "[oss-security] 20151208 CVE request - Linux kernel - Fix handling of stored error in a negatively instantiated user key",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2015/12/09/1"
          },
          {
            "name": "SUSE-SU-2016:0380",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00017.html"
          },
          {
            "name": "RHSA-2018:0152",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:0152"
          },
          {
            "name": "SUSE-SU-2016:0335",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00007.html"
          },
          {
            "name": "SUSE-SU-2016:1102",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
          },
          {
            "name": "SUSE-SU-2016:0383",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00019.html"
          },
          {
            "name": "SUSE-SU-2016:0386",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00021.html"
          },
          {
            "name": "SUSE-SU-2016:0339",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00011.html"
          },
          {
            "name": "RHSA-2018:0151",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:0151"
          },
          {
            "name": "SUSE-SU-2016:2074",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
          },
          {
            "name": "SUSE-SU-2016:0384",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00020.html"
          },
          {
            "name": "USN-3798-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3798-1/"
          },
          {
            "name": "SUSE-SU-2016:0387",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00022.html"
          },
          {
            "name": "SUSE-SU-2016:0336",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00008.html"
          },
          {
            "name": "USN-3798-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3798-2/"
          },
          {
            "name": "SUSE-SU-2016:0381",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00018.html"
          },
          {
            "name": "SUSE-SU-2016:1937",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html"
          },
          {
            "name": "SUSE-SU-2016:0911",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-12-08T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (BUG) via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and security/keys/user_defined.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-30T09:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "SUSE-SU-2016:0337",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00009.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1284450"
        },
        {
          "name": "RHSA-2018:0181",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:0181"
        },
        {
          "name": "SUSE-SU-2016:0434",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00034.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=096fe9eaea40a17e125569f9e657e34cdb6d73bd"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/096fe9eaea40a17e125569f9e657e34cdb6d73bd"
        },
        {
          "name": "[oss-security] 20151208 CVE request - Linux kernel - Fix handling of stored error in a negatively instantiated user key",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2015/12/09/1"
        },
        {
          "name": "SUSE-SU-2016:0380",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00017.html"
        },
        {
          "name": "RHSA-2018:0152",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:0152"
        },
        {
          "name": "SUSE-SU-2016:0335",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00007.html"
        },
        {
          "name": "SUSE-SU-2016:1102",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
        },
        {
          "name": "SUSE-SU-2016:0383",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00019.html"
        },
        {
          "name": "SUSE-SU-2016:0386",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00021.html"
        },
        {
          "name": "SUSE-SU-2016:0339",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00011.html"
        },
        {
          "name": "RHSA-2018:0151",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:0151"
        },
        {
          "name": "SUSE-SU-2016:2074",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
        },
        {
          "name": "SUSE-SU-2016:0384",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00020.html"
        },
        {
          "name": "USN-3798-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3798-1/"
        },
        {
          "name": "SUSE-SU-2016:0387",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00022.html"
        },
        {
          "name": "SUSE-SU-2016:0336",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00008.html"
        },
        {
          "name": "USN-3798-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3798-2/"
        },
        {
          "name": "SUSE-SU-2016:0381",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00018.html"
        },
        {
          "name": "SUSE-SU-2016:1937",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html"
        },
        {
          "name": "SUSE-SU-2016:0911",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-8539",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (BUG) via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and security/keys/user_defined.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "SUSE-SU-2016:0337",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00009.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1284450",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1284450"
            },
            {
              "name": "RHSA-2018:0181",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:0181"
            },
            {
              "name": "SUSE-SU-2016:0434",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00034.html"
            },
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=096fe9eaea40a17e125569f9e657e34cdb6d73bd",
              "refsource": "CONFIRM",
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=096fe9eaea40a17e125569f9e657e34cdb6d73bd"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/096fe9eaea40a17e125569f9e657e34cdb6d73bd",
              "refsource": "CONFIRM",
              "url": "https://github.com/torvalds/linux/commit/096fe9eaea40a17e125569f9e657e34cdb6d73bd"
            },
            {
              "name": "[oss-security] 20151208 CVE request - Linux kernel - Fix handling of stored error in a negatively instantiated user key",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2015/12/09/1"
            },
            {
              "name": "SUSE-SU-2016:0380",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00017.html"
            },
            {
              "name": "RHSA-2018:0152",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:0152"
            },
            {
              "name": "SUSE-SU-2016:0335",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00007.html"
            },
            {
              "name": "SUSE-SU-2016:1102",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
            },
            {
              "name": "SUSE-SU-2016:0383",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00019.html"
            },
            {
              "name": "SUSE-SU-2016:0386",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00021.html"
            },
            {
              "name": "SUSE-SU-2016:0339",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00011.html"
            },
            {
              "name": "RHSA-2018:0151",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:0151"
            },
            {
              "name": "SUSE-SU-2016:2074",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
            },
            {
              "name": "SUSE-SU-2016:0384",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00020.html"
            },
            {
              "name": "USN-3798-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3798-1/"
            },
            {
              "name": "SUSE-SU-2016:0387",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00022.html"
            },
            {
              "name": "SUSE-SU-2016:0336",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00008.html"
            },
            {
              "name": "USN-3798-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3798-2/"
            },
            {
              "name": "SUSE-SU-2016:0381",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00018.html"
            },
            {
              "name": "SUSE-SU-2016:1937",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html"
            },
            {
              "name": "SUSE-SU-2016:0911",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-8539",
    "datePublished": "2016-02-08T02:00:00.000Z",
    "dateReserved": "2015-12-10T00:00:00.000Z",
    "dateUpdated": "2024-08-06T08:20:42.590Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2015-8539",
      "date": "2026-05-28",
      "epss": "0.00077",
      "percentile": "0.2302"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2015-8539\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2016-02-08T03:59:03.903\",\"lastModified\":\"2026-05-06T22:30:45.220\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (BUG) via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and security/keys/user_defined.c.\"},{\"lang\":\"es\",\"value\":\"El subsistema KEYS en el kernel de Linux en versiones anteriores a 4.4 permite a usuarios locales obtener privilegios o provocar una denegaci\u00f3n de servicio (BUG) a trav\u00e9s de comandos keyctl manipulados que instancia una clave negativamente, relacionado con security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c y security/keys/user_defined.c.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":7.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-269\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*\",\"matchCriteriaId\":\"CB66DB75-2B16-4EBF-9B93-CE49D8086E41\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*\",\"matchCriteriaId\":\"815D70A8-47D3-459C-A32C-9FEACA0659D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_real_time_extension:12:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"18D823E3-E1F3-4A15-A9C7-1AB61C1B6703\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.4\",\"matchCriteriaId\":\"311A4477-1B05-4B33-8886-88EF75FEB5B5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:4.4:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"E425B7E4-0104-4CF8-A874-4CAF3273BCDF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:4.4:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"C066AC79-4021-4414-A9F2-6B75C2D62773\"}]}]}],\"references\":[{\"url\":\"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=096fe9eaea40a17e125569f9e657e34cdb6d73bd\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00007.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00008.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00009.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00011.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00017.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00018.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00019.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00020.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00021.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00022.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00034.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2015/12/09/1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0151\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0152\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0181\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1284450\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/torvalds/linux/commit/096fe9eaea40a17e125569f9e657e34cdb6d73bd\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3798-1/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3798-2/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=096fe9eaea40a17e125569f9e657e34cdb6d73bd\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00007.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00008.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00009.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00011.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00017.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00018.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00019.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00034.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2015/12/09/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0151\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0152\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0181\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1284450\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/torvalds/linux/commit/096fe9eaea40a17e125569f9e657e34cdb6d73bd\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3798-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3798-2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
  }
}

RHSA-2018:0152

Vulnerability from csaf_redhat - Published: 2018-01-25 11:18 - Updated: 2026-05-13 01:09

Summary

Red Hat Security Advisory: kernel-rt security and bug fix update

Severity

Important

Notes

Topic: An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2015-8539

A flaw was found in the Linux kernel's key management system where it was possible for an attacker to escalate privileges or crash the machine. If a user key gets negatively instantiated, an error code is cached in the payload area. A negatively instantiated key may be then be positively instantiated by updating it with valid data. However, the ->update key type method must be aware that the error code may be there.

7.8 (High)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-667 - Improper Locking

Affected products

Fixed 36 products

Product	Version	Remediation
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-debug-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-debug-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-debug-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-debug-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-doc-0:3.10.0-693.17.1.rt56.636.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-trace-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-trace-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-trace-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-trace-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-debug-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-debug-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-debug-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-debug-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-doc-0:3.10.0-693.17.1.rt56.636.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-trace-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-trace-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-trace-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-trace-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix

Threats

Impact Important

CVE-2017-7472

A vulnerability was found in the Linux kernel where the keyctl_set_reqkey_keyring() function leaks the thread keyring. This allows an unprivileged local user to exhaust kernel memory and thus cause a DoS.

5.5 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Fixed 36 products

Product	Version	Remediation
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-debug-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-debug-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-debug-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-debug-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-doc-0:3.10.0-693.17.1.rt56.636.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-trace-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-trace-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-trace-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-trace-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-debug-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-debug-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-debug-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-debug-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-doc-0:3.10.0-693.17.1.rt56.636.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-trace-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-trace-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-trace-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-trace-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2017-12192

A vulnerability was found in the Key Management sub component of the Linux kernel, where when trying to issue a KEYTCL_READ on a negative key would lead to a NULL pointer dereference. A local attacker could use this flaw to crash the kernel.

5.5 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-476 - NULL Pointer Dereference

Affected products

Fixed 36 products

Product	Version	Remediation
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-debug-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-debug-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-debug-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-debug-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-doc-0:3.10.0-693.17.1.rt56.636.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-trace-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-trace-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-trace-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-trace-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-debug-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-debug-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-debug-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-debug-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-doc-0:3.10.0-693.17.1.rt56.636.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-trace-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-trace-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-trace-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-trace-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2017-12193

A flaw was found in the Linux kernel's implementation of associative arrays introduced in 3.13. This functionality was backported to the 3.10 kernels in Red Hat Enterprise Linux 7. The flaw involved a null pointer dereference in assoc_array_apply_edit() due to incorrect node-splitting in assoc_array implementation. This affects the keyring key type and thus key addition and link creation operations may cause the kernel to panic.

4.7 (Medium)


                        
                          CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-476 - NULL Pointer Dereference

Affected products

Fixed 36 products

Product	Version	Remediation
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-debug-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-debug-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-debug-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-debug-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-doc-0:3.10.0-693.17.1.rt56.636.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-trace-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-trace-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-trace-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-trace-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-debug-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-debug-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-debug-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-debug-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-doc-0:3.10.0-693.17.1.rt56.636.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-trace-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-trace-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-trace-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-trace-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2017-15649

It was found that fanout_add() in 'net/packet/af_packet.c' in the Linux kernel, before version 4.13.6, allows local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free bug.

7.8 (High)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-416 - Use After Free

Affected products

Fixed 36 products

Product	Version	Remediation
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-debug-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-debug-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-debug-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-debug-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-doc-0:3.10.0-693.17.1.rt56.636.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-trace-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-trace-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-trace-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-trace-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-NFV-7.4.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-debug-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-debug-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-debug-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-debug-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-doc-0:3.10.0-693.17.1.rt56.636.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-trace-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-trace-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-trace-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-trace-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RT-7.4.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64	—	Vendor Fix fix

Threats

Impact Important

References

29 references

URL	Category
https://access.redhat.com/errata/RHSA-2018:0152	self
https://access.redhat.com/security/updates/classi…	external
https://bugzilla.redhat.com/show_bug.cgi?id=1284450	external
https://bugzilla.redhat.com/show_bug.cgi?id=1442086	external
https://bugzilla.redhat.com/show_bug.cgi?id=1504574	external
https://bugzilla.redhat.com/show_bug.cgi?id=1519506	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2015-8539	self
https://bugzilla.redhat.com/show_bug.cgi?id=1284450	external
https://www.cve.org/CVERecord?id=CVE-2015-8539	external
https://nvd.nist.gov/vuln/detail/CVE-2015-8539	external
https://git.kernel.org/cgit/linux/kernel/git/torv…	external
https://access.redhat.com/security/cve/CVE-2017-7472	self
https://bugzilla.redhat.com/show_bug.cgi?id=1442086	external
https://www.cve.org/CVERecord?id=CVE-2017-7472	external
https://nvd.nist.gov/vuln/detail/CVE-2017-7472	external
https://access.redhat.com/security/cve/CVE-2017-12192	self
https://bugzilla.redhat.com/show_bug.cgi?id=1493435	external
https://www.cve.org/CVERecord?id=CVE-2017-12192	external
https://nvd.nist.gov/vuln/detail/CVE-2017-12192	external
http://seclists.org/oss-sec/2017/q4/63	external
https://access.redhat.com/security/cve/CVE-2017-12193	self
https://bugzilla.redhat.com/show_bug.cgi?id=1501215	external
https://www.cve.org/CVERecord?id=CVE-2017-12193	external
https://nvd.nist.gov/vuln/detail/CVE-2017-12193	external
https://access.redhat.com/security/cve/CVE-2017-15649	self
https://bugzilla.redhat.com/show_bug.cgi?id=1504574	external
https://www.cve.org/CVERecord?id=CVE-2017-15649	external
https://nvd.nist.gov/vuln/detail/CVE-2017-15649	external

Acknowledgments

Google engineering Dmitry Vyukov

University of Hong Kong Fan Wu Haoran Qiu Heming Cui Shixiong Zhao

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* A flaw was found in the Linux kernel\u0027s key management system where it was possible for an attacker to escalate privileges or crash the machine. If a user key gets negatively instantiated, an error code is cached in the payload area. A negatively instantiated key may be then be positively instantiated by updating it with valid data. However, the -\u003eupdate key type method must be aware that the error code may be there. (CVE-2015-8539, Important)\n\n* It was found that fanout_add() in \u0027net/packet/af_packet.c\u0027 in the Linux kernel, before version 4.13.6, allows local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free bug. (CVE-2017-15649, Important)\n\n* A vulnerability was found in the Linux kernel where the keyctl_set_reqkey_keyring() function leaks the thread keyring. This allows an unprivileged local user to exhaust kernel memory and thus cause a DoS. (CVE-2017-7472, Moderate)\n\nRed Hat would like to thank Dmitry Vyukov of Google engineering for reporting CVE-2015-8539.\n\nBug Fix(es):\n\n* The kernel-rt packages have been upgraded to 3.10.0-693.15.1 source tree, which provides a number of bug fixes over the previous version. (BZ#1519506)",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2018:0152",
        "url": "https://access.redhat.com/errata/RHSA-2018:0152"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "1284450",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1284450"
      },
      {
        "category": "external",
        "summary": "1442086",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1442086"
      },
      {
        "category": "external",
        "summary": "1504574",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1504574"
      },
      {
        "category": "external",
        "summary": "1519506",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1519506"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_0152.json"
      }
    ],
    "title": "Red Hat Security Advisory: kernel-rt security and bug fix update",
    "tracking": {
      "current_release_date": "2026-05-13T01:09:21+00:00",
      "generator": {
        "date": "2026-05-13T01:09:21+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.7.9"
        }
      },
      "id": "RHSA-2018:0152",
      "initial_release_date": "2018-01-25T11:18:22+00:00",
      "revision_history": [
        {
          "date": "2018-01-25T11:18:22+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2018-01-25T11:18:22+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-05-13T01:09:21+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
                  "product_id": "7Server-NFV-7.4.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_extras_rt:7"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Realtime (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux Realtime (v. 7)",
                  "product_id": "7Server-RT-7.4.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_extras_rt:7"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
                "product": {
                  "name": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
                  "product_id": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-trace-kvm-debuginfo@3.10.0-693.17.1.rt56.636.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-trace-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
                "product": {
                  "name": "kernel-rt-trace-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
                  "product_id": "kernel-rt-trace-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-trace@3.10.0-693.17.1.rt56.636.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
                "product": {
                  "name": "kernel-rt-debug-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
                  "product_id": "kernel-rt-debug-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@3.10.0-693.17.1.rt56.636.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
                "product": {
                  "name": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
                  "product_id": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@3.10.0-693.17.1.rt56.636.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
                "product": {
                  "name": "kernel-rt-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
                  "product_id": "kernel-rt-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-kvm-debuginfo@3.10.0-693.17.1.rt56.636.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
                "product": {
                  "name": "kernel-rt-debug-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
                  "product_id": "kernel-rt-debug-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-devel@3.10.0-693.17.1.rt56.636.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
                "product": {
                  "name": "kernel-rt-debug-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
                  "product_id": "kernel-rt-debug-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug@3.10.0-693.17.1.rt56.636.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-trace-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
                "product": {
                  "name": "kernel-rt-trace-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
                  "product_id": "kernel-rt-trace-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-trace-kvm@3.10.0-693.17.1.rt56.636.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-trace-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
                "product": {
                  "name": "kernel-rt-trace-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
                  "product_id": "kernel-rt-trace-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-trace-debuginfo@3.10.0-693.17.1.rt56.636.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
                "product": {
                  "name": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
                  "product_id": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-kvm-debuginfo@3.10.0-693.17.1.rt56.636.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
                "product": {
                  "name": "kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
                  "product_id": "kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt@3.10.0-693.17.1.rt56.636.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
                "product": {
                  "name": "kernel-rt-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
                  "product_id": "kernel-rt-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debuginfo@3.10.0-693.17.1.rt56.636.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-trace-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
                "product": {
                  "name": "kernel-rt-trace-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
                  "product_id": "kernel-rt-trace-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-trace-devel@3.10.0-693.17.1.rt56.636.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
                "product": {
                  "name": "kernel-rt-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
                  "product_id": "kernel-rt-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-devel@3.10.0-693.17.1.rt56.636.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
                "product": {
                  "name": "kernel-rt-debug-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
                  "product_id": "kernel-rt-debug-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@3.10.0-693.17.1.rt56.636.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
                "product": {
                  "name": "kernel-rt-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
                  "product_id": "kernel-rt-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-kvm@3.10.0-693.17.1.rt56.636.el7?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.src",
                "product": {
                  "name": "kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.src",
                  "product_id": "kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt@3.10.0-693.17.1.rt56.636.el7?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-rt-doc-0:3.10.0-693.17.1.rt56.636.el7.noarch",
                "product": {
                  "name": "kernel-rt-doc-0:3.10.0-693.17.1.rt56.636.el7.noarch",
                  "product_id": "kernel-rt-doc-0:3.10.0-693.17.1.rt56.636.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-doc@3.10.0-693.17.1.rt56.636.el7?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.src as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
          "product_id": "7Server-NFV-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.src"
        },
        "product_reference": "kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.src",
        "relates_to_product_reference": "7Server-NFV-7.4.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
          "product_id": "7Server-NFV-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.x86_64"
        },
        "product_reference": "kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
        "relates_to_product_reference": "7Server-NFV-7.4.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-0:3.10.0-693.17.1.rt56.636.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
          "product_id": "7Server-NFV-7.4.Z:kernel-rt-debug-0:3.10.0-693.17.1.rt56.636.el7.x86_64"
        },
        "product_reference": "kernel-rt-debug-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
        "relates_to_product_reference": "7Server-NFV-7.4.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
          "product_id": "7Server-NFV-7.4.Z:kernel-rt-debug-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64"
        },
        "product_reference": "kernel-rt-debug-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
        "relates_to_product_reference": "7Server-NFV-7.4.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
          "product_id": "7Server-NFV-7.4.Z:kernel-rt-debug-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64"
        },
        "product_reference": "kernel-rt-debug-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
        "relates_to_product_reference": "7Server-NFV-7.4.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
          "product_id": "7Server-NFV-7.4.Z:kernel-rt-debug-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64"
        },
        "product_reference": "kernel-rt-debug-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
        "relates_to_product_reference": "7Server-NFV-7.4.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
          "product_id": "7Server-NFV-7.4.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64"
        },
        "product_reference": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
        "relates_to_product_reference": "7Server-NFV-7.4.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
          "product_id": "7Server-NFV-7.4.Z:kernel-rt-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64"
        },
        "product_reference": "kernel-rt-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
        "relates_to_product_reference": "7Server-NFV-7.4.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-693.17.1.rt56.636.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
          "product_id": "7Server-NFV-7.4.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-693.17.1.rt56.636.el7.x86_64"
        },
        "product_reference": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
        "relates_to_product_reference": "7Server-NFV-7.4.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
          "product_id": "7Server-NFV-7.4.Z:kernel-rt-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64"
        },
        "product_reference": "kernel-rt-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
        "relates_to_product_reference": "7Server-NFV-7.4.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-doc-0:3.10.0-693.17.1.rt56.636.el7.noarch as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
          "product_id": "7Server-NFV-7.4.Z:kernel-rt-doc-0:3.10.0-693.17.1.rt56.636.el7.noarch"
        },
        "product_reference": "kernel-rt-doc-0:3.10.0-693.17.1.rt56.636.el7.noarch",
        "relates_to_product_reference": "7Server-NFV-7.4.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
          "product_id": "7Server-NFV-7.4.Z:kernel-rt-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64"
        },
        "product_reference": "kernel-rt-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
        "relates_to_product_reference": "7Server-NFV-7.4.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
          "product_id": "7Server-NFV-7.4.Z:kernel-rt-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64"
        },
        "product_reference": "kernel-rt-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
        "relates_to_product_reference": "7Server-NFV-7.4.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-trace-0:3.10.0-693.17.1.rt56.636.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
          "product_id": "7Server-NFV-7.4.Z:kernel-rt-trace-0:3.10.0-693.17.1.rt56.636.el7.x86_64"
        },
        "product_reference": "kernel-rt-trace-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
        "relates_to_product_reference": "7Server-NFV-7.4.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-trace-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
          "product_id": "7Server-NFV-7.4.Z:kernel-rt-trace-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64"
        },
        "product_reference": "kernel-rt-trace-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
        "relates_to_product_reference": "7Server-NFV-7.4.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-trace-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
          "product_id": "7Server-NFV-7.4.Z:kernel-rt-trace-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64"
        },
        "product_reference": "kernel-rt-trace-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
        "relates_to_product_reference": "7Server-NFV-7.4.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-trace-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
          "product_id": "7Server-NFV-7.4.Z:kernel-rt-trace-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64"
        },
        "product_reference": "kernel-rt-trace-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
        "relates_to_product_reference": "7Server-NFV-7.4.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
          "product_id": "7Server-NFV-7.4.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64"
        },
        "product_reference": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
        "relates_to_product_reference": "7Server-NFV-7.4.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.src as a component of Red Hat Enterprise Linux Realtime (v. 7)",
          "product_id": "7Server-RT-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.src"
        },
        "product_reference": "kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.src",
        "relates_to_product_reference": "7Server-RT-7.4.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
          "product_id": "7Server-RT-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.x86_64"
        },
        "product_reference": "kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
        "relates_to_product_reference": "7Server-RT-7.4.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-0:3.10.0-693.17.1.rt56.636.el7.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
          "product_id": "7Server-RT-7.4.Z:kernel-rt-debug-0:3.10.0-693.17.1.rt56.636.el7.x86_64"
        },
        "product_reference": "kernel-rt-debug-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
        "relates_to_product_reference": "7Server-RT-7.4.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
          "product_id": "7Server-RT-7.4.Z:kernel-rt-debug-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64"
        },
        "product_reference": "kernel-rt-debug-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
        "relates_to_product_reference": "7Server-RT-7.4.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
          "product_id": "7Server-RT-7.4.Z:kernel-rt-debug-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64"
        },
        "product_reference": "kernel-rt-debug-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
        "relates_to_product_reference": "7Server-RT-7.4.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
          "product_id": "7Server-RT-7.4.Z:kernel-rt-debug-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64"
        },
        "product_reference": "kernel-rt-debug-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
        "relates_to_product_reference": "7Server-RT-7.4.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
          "product_id": "7Server-RT-7.4.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64"
        },
        "product_reference": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
        "relates_to_product_reference": "7Server-RT-7.4.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
          "product_id": "7Server-RT-7.4.Z:kernel-rt-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64"
        },
        "product_reference": "kernel-rt-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
        "relates_to_product_reference": "7Server-RT-7.4.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-693.17.1.rt56.636.el7.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
          "product_id": "7Server-RT-7.4.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-693.17.1.rt56.636.el7.x86_64"
        },
        "product_reference": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
        "relates_to_product_reference": "7Server-RT-7.4.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
          "product_id": "7Server-RT-7.4.Z:kernel-rt-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64"
        },
        "product_reference": "kernel-rt-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
        "relates_to_product_reference": "7Server-RT-7.4.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-doc-0:3.10.0-693.17.1.rt56.636.el7.noarch as a component of Red Hat Enterprise Linux Realtime (v. 7)",
          "product_id": "7Server-RT-7.4.Z:kernel-rt-doc-0:3.10.0-693.17.1.rt56.636.el7.noarch"
        },
        "product_reference": "kernel-rt-doc-0:3.10.0-693.17.1.rt56.636.el7.noarch",
        "relates_to_product_reference": "7Server-RT-7.4.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
          "product_id": "7Server-RT-7.4.Z:kernel-rt-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64"
        },
        "product_reference": "kernel-rt-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
        "relates_to_product_reference": "7Server-RT-7.4.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
          "product_id": "7Server-RT-7.4.Z:kernel-rt-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64"
        },
        "product_reference": "kernel-rt-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
        "relates_to_product_reference": "7Server-RT-7.4.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-trace-0:3.10.0-693.17.1.rt56.636.el7.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
          "product_id": "7Server-RT-7.4.Z:kernel-rt-trace-0:3.10.0-693.17.1.rt56.636.el7.x86_64"
        },
        "product_reference": "kernel-rt-trace-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
        "relates_to_product_reference": "7Server-RT-7.4.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-trace-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
          "product_id": "7Server-RT-7.4.Z:kernel-rt-trace-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64"
        },
        "product_reference": "kernel-rt-trace-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
        "relates_to_product_reference": "7Server-RT-7.4.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-trace-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
          "product_id": "7Server-RT-7.4.Z:kernel-rt-trace-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64"
        },
        "product_reference": "kernel-rt-trace-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
        "relates_to_product_reference": "7Server-RT-7.4.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-trace-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
          "product_id": "7Server-RT-7.4.Z:kernel-rt-trace-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64"
        },
        "product_reference": "kernel-rt-trace-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
        "relates_to_product_reference": "7Server-RT-7.4.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
          "product_id": "7Server-RT-7.4.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64"
        },
        "product_reference": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
        "relates_to_product_reference": "7Server-RT-7.4.Z"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "Dmitry Vyukov"
          ],
          "organization": "Google engineering"
        }
      ],
      "cve": "CVE-2015-8539",
      "cwe": {
        "id": "CWE-667",
        "name": "Improper Locking"
      },
      "discovery_date": "2015-11-20T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1284450"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Linux kernel\u0027s key management system where it was possible for an attacker to escalate privileges or crash the machine. If a user key gets negatively instantiated, an error code is cached in the payload area. A negatively instantiated key may be then be positively instantiated by updating it with valid data. However, the -\u003eupdate key type method must be aware that the error code may be there.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: local privesc in key management",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue does not affect the Linux kernels as shipped with Red Hat Enterprise Linux 4 and 5.  This issue does affect the kernels shipped with Red Hat Enterprise Linux 6, 7, MRG-2 and realtime kernels and plans to be addressed in a future update.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-NFV-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.src",
          "7Server-NFV-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-debug-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-debug-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-debug-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-debug-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-doc-0:3.10.0-693.17.1.rt56.636.el7.noarch",
          "7Server-NFV-7.4.Z:kernel-rt-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-trace-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-trace-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-trace-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-trace-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.src",
          "7Server-RT-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-debug-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-debug-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-debug-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-debug-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-doc-0:3.10.0-693.17.1.rt56.636.el7.noarch",
          "7Server-RT-7.4.Z:kernel-rt-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-trace-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-trace-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-trace-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-trace-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2015-8539"
        },
        {
          "category": "external",
          "summary": "RHBZ#1284450",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1284450"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2015-8539",
          "url": "https://www.cve.org/CVERecord?id=CVE-2015-8539"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-8539",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8539"
        },
        {
          "category": "external",
          "summary": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=096fe9eaea40a17e125569f9e657e34cdb6d73bd",
          "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=096fe9eaea40a17e125569f9e657e34cdb6d73bd"
        }
      ],
      "release_date": "2015-12-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-01-25T11:18:22+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "7Server-NFV-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.src",
            "7Server-NFV-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debug-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debug-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debug-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debug-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-doc-0:3.10.0-693.17.1.rt56.636.el7.noarch",
            "7Server-NFV-7.4.Z:kernel-rt-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-trace-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-trace-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-trace-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-trace-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.src",
            "7Server-RT-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debug-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debug-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debug-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debug-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-doc-0:3.10.0-693.17.1.rt56.636.el7.noarch",
            "7Server-RT-7.4.Z:kernel-rt-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-trace-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-trace-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-trace-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-trace-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:0152"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Server-NFV-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.src",
            "7Server-NFV-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debug-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debug-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debug-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debug-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-doc-0:3.10.0-693.17.1.rt56.636.el7.noarch",
            "7Server-NFV-7.4.Z:kernel-rt-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-trace-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-trace-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-trace-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-trace-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.src",
            "7Server-RT-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debug-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debug-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debug-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debug-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-doc-0:3.10.0-693.17.1.rt56.636.el7.noarch",
            "7Server-RT-7.4.Z:kernel-rt-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-trace-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-trace-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-trace-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-trace-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "kernel: local privesc in key management"
    },
    {
      "cve": "CVE-2017-7472",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2017-04-12T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1442086"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in the Linux kernel where the keyctl_set_reqkey_keyring() function leaks the thread keyring. This allows an unprivileged local user to exhaust kernel memory and thus cause a DoS.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: keyctl_set_reqkey_keyring() leaks thread keyrings",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 as the code with the flaw is not present in this product.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 6, 7 and MRG-2. Future Linux kernel updates for the respective releases might address this issue.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-NFV-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.src",
          "7Server-NFV-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-debug-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-debug-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-debug-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-debug-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-doc-0:3.10.0-693.17.1.rt56.636.el7.noarch",
          "7Server-NFV-7.4.Z:kernel-rt-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-trace-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-trace-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-trace-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-trace-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.src",
          "7Server-RT-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-debug-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-debug-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-debug-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-debug-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-doc-0:3.10.0-693.17.1.rt56.636.el7.noarch",
          "7Server-RT-7.4.Z:kernel-rt-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-trace-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-trace-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-trace-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-trace-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-7472"
        },
        {
          "category": "external",
          "summary": "RHBZ#1442086",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1442086"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7472",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-7472"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7472",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7472"
        }
      ],
      "release_date": "2017-04-01T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-01-25T11:18:22+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "7Server-NFV-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.src",
            "7Server-NFV-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debug-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debug-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debug-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debug-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-doc-0:3.10.0-693.17.1.rt56.636.el7.noarch",
            "7Server-NFV-7.4.Z:kernel-rt-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-trace-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-trace-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-trace-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-trace-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.src",
            "7Server-RT-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debug-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debug-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debug-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debug-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-doc-0:3.10.0-693.17.1.rt56.636.el7.noarch",
            "7Server-RT-7.4.Z:kernel-rt-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-trace-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-trace-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-trace-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-trace-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:0152"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "7Server-NFV-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.src",
            "7Server-NFV-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debug-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debug-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debug-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debug-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-doc-0:3.10.0-693.17.1.rt56.636.el7.noarch",
            "7Server-NFV-7.4.Z:kernel-rt-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-trace-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-trace-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-trace-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-trace-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.src",
            "7Server-RT-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debug-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debug-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debug-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debug-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-doc-0:3.10.0-693.17.1.rt56.636.el7.noarch",
            "7Server-RT-7.4.Z:kernel-rt-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-trace-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-trace-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-trace-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-trace-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: keyctl_set_reqkey_keyring() leaks thread keyrings"
    },
    {
      "cve": "CVE-2017-12192",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "discovery_date": "2017-09-19T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1493435"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in the Key Management sub component of the Linux kernel, where when trying to issue a KEYTCL_READ on a negative key would lead to a NULL pointer dereference. A local attacker could use this flaw to crash the kernel.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: NULL pointer dereference due to KEYCTL_READ on negative key",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 6, 7 and MRG-2.\n\nFuture Linux kernel updates for the respective releases will address this issue.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-NFV-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.src",
          "7Server-NFV-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-debug-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-debug-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-debug-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-debug-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-doc-0:3.10.0-693.17.1.rt56.636.el7.noarch",
          "7Server-NFV-7.4.Z:kernel-rt-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-trace-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-trace-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-trace-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-trace-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.src",
          "7Server-RT-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-debug-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-debug-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-debug-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-debug-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-doc-0:3.10.0-693.17.1.rt56.636.el7.noarch",
          "7Server-RT-7.4.Z:kernel-rt-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-trace-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-trace-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-trace-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-trace-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-12192"
        },
        {
          "category": "external",
          "summary": "RHBZ#1493435",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493435"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12192",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-12192"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12192",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12192"
        },
        {
          "category": "external",
          "summary": "http://seclists.org/oss-sec/2017/q4/63",
          "url": "http://seclists.org/oss-sec/2017/q4/63"
        }
      ],
      "release_date": "2017-09-18T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-01-25T11:18:22+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "7Server-NFV-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.src",
            "7Server-NFV-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debug-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debug-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debug-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debug-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-doc-0:3.10.0-693.17.1.rt56.636.el7.noarch",
            "7Server-NFV-7.4.Z:kernel-rt-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-trace-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-trace-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-trace-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-trace-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.src",
            "7Server-RT-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debug-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debug-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debug-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debug-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-doc-0:3.10.0-693.17.1.rt56.636.el7.noarch",
            "7Server-RT-7.4.Z:kernel-rt-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-trace-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-trace-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-trace-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-trace-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:0152"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "7Server-NFV-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.src",
            "7Server-NFV-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debug-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debug-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debug-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debug-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-doc-0:3.10.0-693.17.1.rt56.636.el7.noarch",
            "7Server-NFV-7.4.Z:kernel-rt-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-trace-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-trace-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-trace-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-trace-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.src",
            "7Server-RT-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debug-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debug-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debug-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debug-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-doc-0:3.10.0-693.17.1.rt56.636.el7.noarch",
            "7Server-RT-7.4.Z:kernel-rt-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-trace-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-trace-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-trace-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-trace-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: NULL pointer dereference due to KEYCTL_READ on negative key"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Fan Wu",
            "Haoran Qiu",
            "Heming Cui",
            "Shixiong Zhao"
          ],
          "organization": "University of Hong Kong"
        }
      ],
      "cve": "CVE-2017-12193",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "discovery_date": "2017-10-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1501215"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Linux kernel\u0027s implementation of associative arrays introduced in 3.13. This functionality was backported to the 3.10 kernels in Red Hat Enterprise Linux 7. The flaw involved a null pointer dereference in assoc_array_apply_edit() due to incorrect node-splitting in assoc_array implementation.  This affects the keyring key type and thus key addition and link creation operations may cause the kernel to panic.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: Null pointer dereference due to incorrect node-splitting in assoc_array implementation",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 and 6.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7,MRG-2 and realtime kernels. Future Linux kernel updates for the respective releases may address this issue.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-NFV-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.src",
          "7Server-NFV-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-debug-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-debug-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-debug-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-debug-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-doc-0:3.10.0-693.17.1.rt56.636.el7.noarch",
          "7Server-NFV-7.4.Z:kernel-rt-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-trace-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-trace-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-trace-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-trace-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.src",
          "7Server-RT-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-debug-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-debug-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-debug-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-debug-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-doc-0:3.10.0-693.17.1.rt56.636.el7.noarch",
          "7Server-RT-7.4.Z:kernel-rt-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-trace-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-trace-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-trace-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-trace-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-12193"
        },
        {
          "category": "external",
          "summary": "RHBZ#1501215",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501215"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12193",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-12193"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12193",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12193"
        }
      ],
      "release_date": "2017-11-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-01-25T11:18:22+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "7Server-NFV-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.src",
            "7Server-NFV-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debug-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debug-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debug-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debug-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-doc-0:3.10.0-693.17.1.rt56.636.el7.noarch",
            "7Server-NFV-7.4.Z:kernel-rt-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-trace-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-trace-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-trace-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-trace-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.src",
            "7Server-RT-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debug-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debug-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debug-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debug-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-doc-0:3.10.0-693.17.1.rt56.636.el7.noarch",
            "7Server-RT-7.4.Z:kernel-rt-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-trace-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-trace-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-trace-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-trace-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:0152"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "7Server-NFV-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.src",
            "7Server-NFV-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debug-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debug-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debug-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debug-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-doc-0:3.10.0-693.17.1.rt56.636.el7.noarch",
            "7Server-NFV-7.4.Z:kernel-rt-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-trace-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-trace-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-trace-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-trace-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.src",
            "7Server-RT-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debug-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debug-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debug-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debug-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-doc-0:3.10.0-693.17.1.rt56.636.el7.noarch",
            "7Server-RT-7.4.Z:kernel-rt-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-trace-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-trace-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-trace-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-trace-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: Null pointer dereference due to incorrect node-splitting in assoc_array implementation"
    },
    {
      "cve": "CVE-2017-15649",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "discovery_date": "2017-10-20T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1504574"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that fanout_add() in \u0027net/packet/af_packet.c\u0027 in the Linux kernel, before version 4.13.6, allows local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free bug.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: Use-after-free in the af_packet.c",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 and 6 as a code with the flaw is not present in the products listed.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7 and MRG-2. Future updates for the respective releases may address this issue.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-NFV-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.src",
          "7Server-NFV-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-debug-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-debug-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-debug-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-debug-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-doc-0:3.10.0-693.17.1.rt56.636.el7.noarch",
          "7Server-NFV-7.4.Z:kernel-rt-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-trace-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-trace-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-trace-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-trace-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-NFV-7.4.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.src",
          "7Server-RT-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-debug-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-debug-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-debug-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-debug-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-doc-0:3.10.0-693.17.1.rt56.636.el7.noarch",
          "7Server-RT-7.4.Z:kernel-rt-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-trace-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-trace-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-trace-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-trace-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
          "7Server-RT-7.4.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-15649"
        },
        {
          "category": "external",
          "summary": "RHBZ#1504574",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1504574"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-15649",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-15649"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-15649",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15649"
        }
      ],
      "release_date": "2017-09-20T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-01-25T11:18:22+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "7Server-NFV-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.src",
            "7Server-NFV-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debug-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debug-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debug-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debug-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-doc-0:3.10.0-693.17.1.rt56.636.el7.noarch",
            "7Server-NFV-7.4.Z:kernel-rt-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-trace-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-trace-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-trace-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-trace-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.src",
            "7Server-RT-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debug-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debug-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debug-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debug-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-doc-0:3.10.0-693.17.1.rt56.636.el7.noarch",
            "7Server-RT-7.4.Z:kernel-rt-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-trace-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-trace-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-trace-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-trace-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:0152"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Server-NFV-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.src",
            "7Server-NFV-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debug-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debug-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debug-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debug-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-doc-0:3.10.0-693.17.1.rt56.636.el7.noarch",
            "7Server-NFV-7.4.Z:kernel-rt-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-trace-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-trace-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-trace-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-trace-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-NFV-7.4.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.src",
            "7Server-RT-7.4.Z:kernel-rt-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debug-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debug-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debug-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debug-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-doc-0:3.10.0-693.17.1.rt56.636.el7.noarch",
            "7Server-RT-7.4.Z:kernel-rt-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-trace-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-trace-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-trace-devel-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-trace-kvm-0:3.10.0-693.17.1.rt56.636.el7.x86_64",
            "7Server-RT-7.4.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-693.17.1.rt56.636.el7.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "kernel: Use-after-free in the af_packet.c"
    }
  ]
}

RHSA-2018:0181

Vulnerability from csaf_redhat - Published: 2018-01-25 11:26 - Updated: 2026-05-13 01:09

Summary

Red Hat Security Advisory: kernel-rt security and bug fix update

Severity

Important

Notes

Topic: An update for kernel-rt is now available for Red Hat Enterprise MRG 2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details: The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * A flaw was found in the Linux kernel's key management system where it was possible for an attacker to escalate privileges or crash the machine. If a user key gets negatively instantiated, an error code is cached in the payload area. A negatively instantiated key may be then be positively instantiated by updating it with valid data. However, the ->update key type method must be aware that the error code may be there. (CVE-2015-8539, Important) * It was found that fanout_add() in 'net/packet/af_packet.c' in the Linux kernel, before version 4.13.6, allows local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free bug. (CVE-2017-15649, Important) * A vulnerability was found in the Linux kernel where the keyctl_set_reqkey_keyring() function leaks the thread keyring. This allows an unprivileged local user to exhaust kernel memory and thus cause a DoS. (CVE-2017-7472, Moderate) Red Hat would like to thank Dmitry Vyukov of Google engineering for reporting CVE-2015-8539. Bug Fix(es): * The mlx5 driver has a number of configuration options, including the selective support for network protocols, such as InfiniBand and Ethernet. Due to a regression in the configuration of the MRG-RT kernel, the Ethernet mode of the driver was turned off. The regression has been resolved by enabling the mlx5 Ethernet mode, making the Ethernet protocol to work again. (BZ#1422778) * The migrate_disable/enable() kernel operations are used to pin a thread to a CPU temporarily. This method is a kernel-rt specific. To keep RHEL-RT's kernel up-to-date with the latest real-time kernel, the migrate_disable/enable routine was updated to the version present on kernel v4.9-rt. However, this version showed to be problematic. The changes in the migrate_disable/enabled have been thus reverted to a stable version, avoiding the kernel BUG. (BZ#1507831) * The kernel-rt packages have been upgraded to version 3.10.0-693.15.1.rt56.601, which provides a number of security and bug fixes over the previous version. (BZ#1519504)

CVE-2015-8539

7.8 (High)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-667 - Improper Locking

Affected products

Fixed 16 products

Product	Version	Remediation
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.src	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-693.17.1.rt56.604.el6rt.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-693.17.1.rt56.604.el6rt.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix

Threats

Impact Important

CVE-2017-7472

5.5 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Fixed 16 products

Product	Version	Remediation
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.src	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-693.17.1.rt56.604.el6rt.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-693.17.1.rt56.604.el6rt.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2017-12192

5.5 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-476 - NULL Pointer Dereference

Affected products

Fixed 16 products

Product	Version	Remediation
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.src	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-693.17.1.rt56.604.el6rt.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-693.17.1.rt56.604.el6rt.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2017-12193

4.7 (Medium)


                        
                          CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-476 - NULL Pointer Dereference

Affected products

Fixed 16 products

Product	Version	Remediation
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.src	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-693.17.1.rt56.604.el6rt.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-693.17.1.rt56.604.el6rt.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2017-15649

7.8 (High)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-416 - Use After Free

Affected products

Fixed 16 products

Product	Version	Remediation
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.src	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-693.17.1.rt56.604.el6rt.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-693.17.1.rt56.604.el6rt.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64	—	Vendor Fix fix

Threats

Impact Important

References

30 references

URL	Category
https://access.redhat.com/errata/RHSA-2018:0181	self
https://access.redhat.com/security/updates/classi…	external
https://bugzilla.redhat.com/show_bug.cgi?id=1284450	external
https://bugzilla.redhat.com/show_bug.cgi?id=1422778	external
https://bugzilla.redhat.com/show_bug.cgi?id=1442086	external
https://bugzilla.redhat.com/show_bug.cgi?id=1504574	external
https://bugzilla.redhat.com/show_bug.cgi?id=1519504	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2015-8539	self
https://bugzilla.redhat.com/show_bug.cgi?id=1284450	external
https://www.cve.org/CVERecord?id=CVE-2015-8539	external
https://nvd.nist.gov/vuln/detail/CVE-2015-8539	external
https://git.kernel.org/cgit/linux/kernel/git/torv…	external
https://access.redhat.com/security/cve/CVE-2017-7472	self
https://bugzilla.redhat.com/show_bug.cgi?id=1442086	external
https://www.cve.org/CVERecord?id=CVE-2017-7472	external
https://nvd.nist.gov/vuln/detail/CVE-2017-7472	external
https://access.redhat.com/security/cve/CVE-2017-12192	self
https://bugzilla.redhat.com/show_bug.cgi?id=1493435	external
https://www.cve.org/CVERecord?id=CVE-2017-12192	external
https://nvd.nist.gov/vuln/detail/CVE-2017-12192	external
http://seclists.org/oss-sec/2017/q4/63	external
https://access.redhat.com/security/cve/CVE-2017-12193	self
https://bugzilla.redhat.com/show_bug.cgi?id=1501215	external
https://www.cve.org/CVERecord?id=CVE-2017-12193	external
https://nvd.nist.gov/vuln/detail/CVE-2017-12193	external
https://access.redhat.com/security/cve/CVE-2017-15649	self
https://bugzilla.redhat.com/show_bug.cgi?id=1504574	external
https://www.cve.org/CVERecord?id=CVE-2017-15649	external
https://nvd.nist.gov/vuln/detail/CVE-2017-15649	external

Acknowledgments

Google engineering Dmitry Vyukov

University of Hong Kong Fan Wu Haoran Qiu Heming Cui Shixiong Zhao

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for kernel-rt is now available for Red Hat Enterprise MRG 2.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* A flaw was found in the Linux kernel\u0027s key management system where it was possible for an attacker to escalate privileges or crash the machine. If a user key gets negatively instantiated, an error code is cached in the payload area. A negatively instantiated key may be then be positively instantiated by updating it with valid data. However, the -\u003eupdate key type method must be aware that the error code may be there. (CVE-2015-8539, Important)\n\n* It was found that fanout_add() in \u0027net/packet/af_packet.c\u0027 in the Linux kernel, before version 4.13.6, allows local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free bug. (CVE-2017-15649, Important)\n\n* A vulnerability was found in the Linux kernel where the keyctl_set_reqkey_keyring() function leaks the thread keyring. This allows an unprivileged local user to exhaust kernel memory and thus cause a DoS. (CVE-2017-7472, Moderate)\n\nRed Hat would like to thank Dmitry Vyukov of Google engineering for reporting CVE-2015-8539.\n\nBug Fix(es):\n\n* The mlx5 driver has a number of configuration options, including the selective support for network protocols, such as InfiniBand and Ethernet. Due to a regression in the configuration of the MRG-RT kernel, the Ethernet mode of the driver was turned off. The regression has been resolved by enabling the mlx5 Ethernet mode, making the Ethernet protocol to work again. (BZ#1422778)\n\n* The migrate_disable/enable() kernel operations are used to pin a thread to a CPU temporarily. This method is a kernel-rt specific. To keep RHEL-RT\u0027s kernel up-to-date with the latest real-time kernel, the migrate_disable/enable routine was updated to the version present on kernel v4.9-rt. However, this version showed to be problematic. The changes in the migrate_disable/enabled have been thus reverted to a stable version, avoiding the kernel BUG. (BZ#1507831)\n\n* The kernel-rt packages have been upgraded to version 3.10.0-693.15.1.rt56.601, which provides a number of security and bug fixes over the previous version. (BZ#1519504)",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2018:0181",
        "url": "https://access.redhat.com/errata/RHSA-2018:0181"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "1284450",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1284450"
      },
      {
        "category": "external",
        "summary": "1422778",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1422778"
      },
      {
        "category": "external",
        "summary": "1442086",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1442086"
      },
      {
        "category": "external",
        "summary": "1504574",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1504574"
      },
      {
        "category": "external",
        "summary": "1519504",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1519504"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_0181.json"
      }
    ],
    "title": "Red Hat Security Advisory: kernel-rt security and bug fix update",
    "tracking": {
      "current_release_date": "2026-05-13T01:09:20+00:00",
      "generator": {
        "date": "2026-05-13T01:09:20+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.7.9"
        }
      },
      "id": "RHSA-2018:0181",
      "initial_release_date": "2018-01-25T11:26:34+00:00",
      "revision_history": [
        {
          "date": "2018-01-25T11:26:34+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2018-01-25T11:26:34+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-05-13T01:09:20+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat MRG Realtime for RHEL 6 Server v.2",
                "product": {
                  "name": "Red Hat MRG Realtime for RHEL 6 Server v.2",
                  "product_id": "6Server-MRG-Realtime-2",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:enterprise_mrg:2:server:el6"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise MRG for RHEL-6"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-rt-debug-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
                "product": {
                  "name": "kernel-rt-debug-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
                  "product_id": "kernel-rt-debug-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-devel@3.10.0-693.17.1.rt56.604.el6rt?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
                "product": {
                  "name": "kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
                  "product_id": "kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@3.10.0-693.17.1.rt56.604.el6rt?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
                "product": {
                  "name": "kernel-rt-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
                  "product_id": "kernel-rt-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debuginfo@3.10.0-693.17.1.rt56.604.el6rt?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-trace-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
                "product": {
                  "name": "kernel-rt-trace-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
                  "product_id": "kernel-rt-trace-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-trace-devel@3.10.0-693.17.1.rt56.604.el6rt?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-vanilla-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
                "product": {
                  "name": "kernel-rt-vanilla-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
                  "product_id": "kernel-rt-vanilla-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-vanilla@3.10.0-693.17.1.rt56.604.el6rt?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
                "product": {
                  "name": "kernel-rt-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
                  "product_id": "kernel-rt-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-devel@3.10.0-693.17.1.rt56.604.el6rt?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
                "product": {
                  "name": "kernel-rt-debug-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
                  "product_id": "kernel-rt-debug-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug@3.10.0-693.17.1.rt56.604.el6rt?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-vanilla-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
                "product": {
                  "name": "kernel-rt-vanilla-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
                  "product_id": "kernel-rt-vanilla-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-vanilla-devel@3.10.0-693.17.1.rt56.604.el6rt?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-vanilla-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
                "product": {
                  "name": "kernel-rt-vanilla-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
                  "product_id": "kernel-rt-vanilla-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-vanilla-debuginfo@3.10.0-693.17.1.rt56.604.el6rt?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
                "product": {
                  "name": "kernel-rt-debug-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
                  "product_id": "kernel-rt-debug-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@3.10.0-693.17.1.rt56.604.el6rt?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-trace-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
                "product": {
                  "name": "kernel-rt-trace-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
                  "product_id": "kernel-rt-trace-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-trace@3.10.0-693.17.1.rt56.604.el6rt?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
                "product": {
                  "name": "kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
                  "product_id": "kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt@3.10.0-693.17.1.rt56.604.el6rt?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-trace-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
                "product": {
                  "name": "kernel-rt-trace-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
                  "product_id": "kernel-rt-trace-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-trace-debuginfo@3.10.0-693.17.1.rt56.604.el6rt?arch=x86_64\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-rt-doc-1:3.10.0-693.17.1.rt56.604.el6rt.noarch",
                "product": {
                  "name": "kernel-rt-doc-1:3.10.0-693.17.1.rt56.604.el6rt.noarch",
                  "product_id": "kernel-rt-doc-1:3.10.0-693.17.1.rt56.604.el6rt.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-doc@3.10.0-693.17.1.rt56.604.el6rt?arch=noarch\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-firmware-1:3.10.0-693.17.1.rt56.604.el6rt.noarch",
                "product": {
                  "name": "kernel-rt-firmware-1:3.10.0-693.17.1.rt56.604.el6rt.noarch",
                  "product_id": "kernel-rt-firmware-1:3.10.0-693.17.1.rt56.604.el6rt.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-firmware@3.10.0-693.17.1.rt56.604.el6rt?arch=noarch\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.src",
                "product": {
                  "name": "kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.src",
                  "product_id": "kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt@3.10.0-693.17.1.rt56.604.el6rt?arch=src\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.src as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
          "product_id": "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.src"
        },
        "product_reference": "kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.src",
        "relates_to_product_reference": "6Server-MRG-Realtime-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
          "product_id": "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64"
        },
        "product_reference": "kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
        "relates_to_product_reference": "6Server-MRG-Realtime-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
          "product_id": "6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64"
        },
        "product_reference": "kernel-rt-debug-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
        "relates_to_product_reference": "6Server-MRG-Realtime-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
          "product_id": "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64"
        },
        "product_reference": "kernel-rt-debug-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
        "relates_to_product_reference": "6Server-MRG-Realtime-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
          "product_id": "6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64"
        },
        "product_reference": "kernel-rt-debug-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
        "relates_to_product_reference": "6Server-MRG-Realtime-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
          "product_id": "6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64"
        },
        "product_reference": "kernel-rt-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
        "relates_to_product_reference": "6Server-MRG-Realtime-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
          "product_id": "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64"
        },
        "product_reference": "kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
        "relates_to_product_reference": "6Server-MRG-Realtime-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
          "product_id": "6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64"
        },
        "product_reference": "kernel-rt-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
        "relates_to_product_reference": "6Server-MRG-Realtime-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-doc-1:3.10.0-693.17.1.rt56.604.el6rt.noarch as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
          "product_id": "6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-693.17.1.rt56.604.el6rt.noarch"
        },
        "product_reference": "kernel-rt-doc-1:3.10.0-693.17.1.rt56.604.el6rt.noarch",
        "relates_to_product_reference": "6Server-MRG-Realtime-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-firmware-1:3.10.0-693.17.1.rt56.604.el6rt.noarch as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
          "product_id": "6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-693.17.1.rt56.604.el6rt.noarch"
        },
        "product_reference": "kernel-rt-firmware-1:3.10.0-693.17.1.rt56.604.el6rt.noarch",
        "relates_to_product_reference": "6Server-MRG-Realtime-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-trace-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
          "product_id": "6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64"
        },
        "product_reference": "kernel-rt-trace-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
        "relates_to_product_reference": "6Server-MRG-Realtime-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-trace-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
          "product_id": "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64"
        },
        "product_reference": "kernel-rt-trace-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
        "relates_to_product_reference": "6Server-MRG-Realtime-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-trace-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
          "product_id": "6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64"
        },
        "product_reference": "kernel-rt-trace-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
        "relates_to_product_reference": "6Server-MRG-Realtime-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-vanilla-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
          "product_id": "6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64"
        },
        "product_reference": "kernel-rt-vanilla-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
        "relates_to_product_reference": "6Server-MRG-Realtime-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-vanilla-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
          "product_id": "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64"
        },
        "product_reference": "kernel-rt-vanilla-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
        "relates_to_product_reference": "6Server-MRG-Realtime-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-vanilla-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
          "product_id": "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64"
        },
        "product_reference": "kernel-rt-vanilla-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
        "relates_to_product_reference": "6Server-MRG-Realtime-2"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "Dmitry Vyukov"
          ],
          "organization": "Google engineering"
        }
      ],
      "cve": "CVE-2015-8539",
      "cwe": {
        "id": "CWE-667",
        "name": "Improper Locking"
      },
      "discovery_date": "2015-11-20T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1284450"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Linux kernel\u0027s key management system where it was possible for an attacker to escalate privileges or crash the machine. If a user key gets negatively instantiated, an error code is cached in the payload area. A negatively instantiated key may be then be positively instantiated by updating it with valid data. However, the -\u003eupdate key type method must be aware that the error code may be there.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: local privesc in key management",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue does not affect the Linux kernels as shipped with Red Hat Enterprise Linux 4 and 5.  This issue does affect the kernels shipped with Red Hat Enterprise Linux 6, 7, MRG-2 and realtime kernels and plans to be addressed in a future update.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.src",
          "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-693.17.1.rt56.604.el6rt.noarch",
          "6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-693.17.1.rt56.604.el6rt.noarch",
          "6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2015-8539"
        },
        {
          "category": "external",
          "summary": "RHBZ#1284450",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1284450"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2015-8539",
          "url": "https://www.cve.org/CVERecord?id=CVE-2015-8539"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-8539",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8539"
        },
        {
          "category": "external",
          "summary": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=096fe9eaea40a17e125569f9e657e34cdb6d73bd",
          "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=096fe9eaea40a17e125569f9e657e34cdb6d73bd"
        }
      ],
      "release_date": "2015-12-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-01-25T11:26:34+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.src",
            "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-693.17.1.rt56.604.el6rt.noarch",
            "6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-693.17.1.rt56.604.el6rt.noarch",
            "6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:0181"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.src",
            "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-693.17.1.rt56.604.el6rt.noarch",
            "6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-693.17.1.rt56.604.el6rt.noarch",
            "6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "kernel: local privesc in key management"
    },
    {
      "cve": "CVE-2017-7472",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2017-04-12T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1442086"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in the Linux kernel where the keyctl_set_reqkey_keyring() function leaks the thread keyring. This allows an unprivileged local user to exhaust kernel memory and thus cause a DoS.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: keyctl_set_reqkey_keyring() leaks thread keyrings",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 as the code with the flaw is not present in this product.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 6, 7 and MRG-2. Future Linux kernel updates for the respective releases might address this issue.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.src",
          "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-693.17.1.rt56.604.el6rt.noarch",
          "6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-693.17.1.rt56.604.el6rt.noarch",
          "6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-7472"
        },
        {
          "category": "external",
          "summary": "RHBZ#1442086",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1442086"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7472",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-7472"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7472",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7472"
        }
      ],
      "release_date": "2017-04-01T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-01-25T11:26:34+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.src",
            "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-693.17.1.rt56.604.el6rt.noarch",
            "6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-693.17.1.rt56.604.el6rt.noarch",
            "6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:0181"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.src",
            "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-693.17.1.rt56.604.el6rt.noarch",
            "6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-693.17.1.rt56.604.el6rt.noarch",
            "6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: keyctl_set_reqkey_keyring() leaks thread keyrings"
    },
    {
      "cve": "CVE-2017-12192",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "discovery_date": "2017-09-19T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1493435"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in the Key Management sub component of the Linux kernel, where when trying to issue a KEYTCL_READ on a negative key would lead to a NULL pointer dereference. A local attacker could use this flaw to crash the kernel.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: NULL pointer dereference due to KEYCTL_READ on negative key",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 6, 7 and MRG-2.\n\nFuture Linux kernel updates for the respective releases will address this issue.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.src",
          "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-693.17.1.rt56.604.el6rt.noarch",
          "6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-693.17.1.rt56.604.el6rt.noarch",
          "6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-12192"
        },
        {
          "category": "external",
          "summary": "RHBZ#1493435",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493435"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12192",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-12192"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12192",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12192"
        },
        {
          "category": "external",
          "summary": "http://seclists.org/oss-sec/2017/q4/63",
          "url": "http://seclists.org/oss-sec/2017/q4/63"
        }
      ],
      "release_date": "2017-09-18T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-01-25T11:26:34+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.src",
            "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-693.17.1.rt56.604.el6rt.noarch",
            "6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-693.17.1.rt56.604.el6rt.noarch",
            "6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:0181"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.src",
            "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-693.17.1.rt56.604.el6rt.noarch",
            "6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-693.17.1.rt56.604.el6rt.noarch",
            "6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: NULL pointer dereference due to KEYCTL_READ on negative key"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Fan Wu",
            "Haoran Qiu",
            "Heming Cui",
            "Shixiong Zhao"
          ],
          "organization": "University of Hong Kong"
        }
      ],
      "cve": "CVE-2017-12193",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "discovery_date": "2017-10-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1501215"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Linux kernel\u0027s implementation of associative arrays introduced in 3.13. This functionality was backported to the 3.10 kernels in Red Hat Enterprise Linux 7. The flaw involved a null pointer dereference in assoc_array_apply_edit() due to incorrect node-splitting in assoc_array implementation.  This affects the keyring key type and thus key addition and link creation operations may cause the kernel to panic.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: Null pointer dereference due to incorrect node-splitting in assoc_array implementation",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 and 6.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7,MRG-2 and realtime kernels. Future Linux kernel updates for the respective releases may address this issue.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.src",
          "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-693.17.1.rt56.604.el6rt.noarch",
          "6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-693.17.1.rt56.604.el6rt.noarch",
          "6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-12193"
        },
        {
          "category": "external",
          "summary": "RHBZ#1501215",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501215"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12193",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-12193"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12193",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12193"
        }
      ],
      "release_date": "2017-11-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-01-25T11:26:34+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.src",
            "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-693.17.1.rt56.604.el6rt.noarch",
            "6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-693.17.1.rt56.604.el6rt.noarch",
            "6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:0181"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.src",
            "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-693.17.1.rt56.604.el6rt.noarch",
            "6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-693.17.1.rt56.604.el6rt.noarch",
            "6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: Null pointer dereference due to incorrect node-splitting in assoc_array implementation"
    },
    {
      "cve": "CVE-2017-15649",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "discovery_date": "2017-10-20T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1504574"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that fanout_add() in \u0027net/packet/af_packet.c\u0027 in the Linux kernel, before version 4.13.6, allows local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free bug.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: Use-after-free in the af_packet.c",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 and 6 as a code with the flaw is not present in the products listed.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7 and MRG-2. Future updates for the respective releases may address this issue.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.src",
          "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-693.17.1.rt56.604.el6rt.noarch",
          "6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-693.17.1.rt56.604.el6rt.noarch",
          "6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-15649"
        },
        {
          "category": "external",
          "summary": "RHBZ#1504574",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1504574"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-15649",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-15649"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-15649",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15649"
        }
      ],
      "release_date": "2017-09-20T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-01-25T11:26:34+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.src",
            "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-693.17.1.rt56.604.el6rt.noarch",
            "6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-693.17.1.rt56.604.el6rt.noarch",
            "6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:0181"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.src",
            "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-693.17.1.rt56.604.el6rt.noarch",
            "6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-693.17.1.rt56.604.el6rt.noarch",
            "6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-693.17.1.rt56.604.el6rt.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "kernel: Use-after-free in the af_packet.c"
    }
  ]
}

SUSE-SU-2016:0168-1

Vulnerability from csaf_suse - Published: 2016-01-19 09:43 - Updated: 2016-01-19 09:43

Summary

Security update for the Linux Kernel

Severity

Important

Notes

Title of the patch: Security update for the Linux Kernel

Description of the patch: The SUSE Linux Enterprise 12 kernel was updated to receive various security and bugfixes. Following security bugs were fixed: - CVE-2015-7550: A local user could have triggered a race between read and revoke in keyctl (bnc#958951). - CVE-2015-8539: A negatively instantiated user key could have been used by a local user to leverage privileges (bnc#958463). - CVE-2015-8543: The networking implementation in the Linux kernel did not validate protocol identifiers for certain protocol families, which allowed local users to cause a denial of service (NULL function pointer dereference and system crash) or possibly gain privileges by leveraging CLONE_NEWUSER support to execute a crafted SOCK_RAW application (bnc#958886). - CVE-2015-8550: Compiler optimizations in the XEN PV backend drivers could have lead to double fetch vulnerabilities, causing denial of service or arbitrary code execution (depending on the configuration) (bsc#957988). - CVE-2015-8551, CVE-2015-8552: xen/pciback: For XEN_PCI_OP_disable_msi[|x] only disable if device has MSI(X) enabled (bsc#957990). - CVE-2015-8569: The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel did not verify an address length, which allowed local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application (bnc#959190). - CVE-2015-8575: Validate socket address length in sco_sock_bind() to prevent information leak (bsc#959399). The following non-security bugs were fixed: - ACPICA: Correctly cleanup after a ACPI table load failure (bnc#937261). - ALSA: hda - Fix noise problems on Thinkpad T440s (boo#958504). - Input: aiptek - fix crash on detecting device without endpoints (bnc#956708). - Re-add copy_page_vector_to_user() - Refresh patches.xen/xen3-patch-3.12.46-47 (bsc#959705). - Refresh patches.xen/xen3-patch-3.9 (bsc#951155). - Update patches.suse/btrfs-8361-Btrfs-keep-dropped-roots-in-cache-until-transaction-.patch (bnc#935087, bnc#945649, bnc#951615). - bcache: Add btree_insert_node() (bnc#951638). - bcache: Add explicit keylist arg to btree_insert() (bnc#951638). - bcache: Clean up keylist code (bnc#951638). - bcache: Convert btree_insert_check_key() to btree_insert_node() (bnc#951638). - bcache: Convert bucket_wait to wait_queue_head_t (bnc#951638). - bcache: Convert try_wait to wait_queue_head_t (bnc#951638). - bcache: Explicitly track btree node's parent (bnc#951638). - bcache: Fix a bug when detaching (bsc#951638). - bcache: Fix a lockdep splat in an error path (bnc#951638). - bcache: Fix a shutdown bug (bsc#951638). - bcache: Fix more early shutdown bugs (bsc#951638). - bcache: Fix sysfs splat on shutdown with flash only devs (bsc#951638). - bcache: Insert multiple keys at a time (bnc#951638). - bcache: Refactor journalling flow control (bnc#951638). - bcache: Refactor request_write() (bnc#951638). - bcache: Use blkdev_issue_discard() (bnc#951638). - bcache: backing device set to clean after finishing detach (bsc#951638). - bcache: kill closure locking usage (bnc#951638). - blktap: also call blkif_disconnect() when frontend switched to closed (bsc#952976). - blktap: refine mm tracking (bsc#952976). - block: Always check queue limits for cloned requests (bsc#902606). - btrfs: Add qgroup tracing (bnc#935087, bnc#945649). - btrfs: Adjust commit-transaction condition to avoid NO_SPACE more (bsc#958647). - btrfs: Fix out-of-space bug (bsc#958647). - btrfs: Fix tail space processing in find_free_dev_extent() (bsc#958647). - btrfs: Set relative data on clear btrfs_block_group_cache->pinned (bsc#958647). - btrfs: Update btrfs qgroup status item when rescan is done (bnc#960300). - btrfs: backref: Add special time_seq == (u64)-1 case for btrfs_find_all_roots() (bnc#935087, bnc#945649). - btrfs: backref: Do not merge refs which are not for same block (bnc#935087, bnc#945649). - btrfs: cleanup: remove no-used alloc_chunk in btrfs_check_data_free_space() (bsc#958647). - btrfs: delayed-ref: Cleanup the unneeded functions (bnc#935087, bnc#945649). - btrfs: delayed-ref: Use list to replace the ref_root in ref_head (bnc#935087, bnc#945649). - btrfs: extent-tree: Use ref_node to replace unneeded parameters in __inc_extent_ref() and __free_extent() (bnc#935087, bnc#945649). - btrfs: fix comp_oper to get right order (bnc#935087, bnc#945649). - btrfs: fix condition of commit transaction (bsc#958647). - btrfs: fix leak in qgroup_subtree_accounting() error path (bnc#935087, bnc#945649). - btrfs: fix order by which delayed references are run (bnc#949440). - btrfs: fix qgroup sanity tests (bnc#951615). - btrfs: fix race waiting for qgroup rescan worker (bnc#960300). - btrfs: fix regression running delayed references when using qgroups (bnc#951615). - btrfs: fix regression when running delayed references (bnc#951615). - btrfs: fix sleeping inside atomic context in qgroup rescan worker (bnc#960300). - btrfs: fix the number of transaction units needed to remove a block group (bsc#958647). - btrfs: keep dropped roots in cache until transaction commit (bnc#935087, bnc#945649). - btrfs: qgroup: Add function qgroup_update_counters() (bnc#935087, bnc#945649). - btrfs: qgroup: Add function qgroup_update_refcnt() (bnc#935087, bnc#945649). - btrfs: qgroup: Add new function to record old_roots (bnc#935087, bnc#945649). - btrfs: qgroup: Add new qgroup calculation function btrfs_qgroup_account_extents() (bnc#935087, bnc#945649). - btrfs: qgroup: Add the ability to skip given qgroup for old/new_roots (bnc#935087, bnc#945649). - btrfs: qgroup: Cleanup open-coded old/new_refcnt update and read (bnc#935087, bnc#945649). - btrfs: qgroup: Cleanup the old ref_node-oriented mechanism (bnc#935087, bnc#945649). - btrfs: qgroup: Do not copy extent buffer to do qgroup rescan (bnc#960300). - btrfs: qgroup: Fix a regression in qgroup reserved space (bnc#935087, bnc#945649). - btrfs: qgroup: Make snapshot accounting work with new extent-oriented qgroup (bnc#935087, bnc#945649). - btrfs: qgroup: Record possible quota-related extent for qgroup (bnc#935087, bnc#945649). - btrfs: qgroup: Switch rescan to new mechanism (bnc#935087, bnc#945649). - btrfs: qgroup: Switch self test to extent-oriented qgroup mechanism (bnc#935087, bnc#945649). - btrfs: qgroup: Switch to new extent-oriented qgroup mechanism (bnc#935087, bnc#945649). - btrfs: qgroup: account shared subtree during snapshot delete (bnc#935087, bnc#945649). - btrfs: qgroup: clear STATUS_FLAG_ON in disabling quota (bnc#960300). - btrfs: qgroup: exit the rescan worker during umount (bnc#960300). - btrfs: qgroup: fix quota disable during rescan (bnc#960300). - btrfs: qgroup: move WARN_ON() to the correct location (bnc#935087, bnc#945649). - btrfs: remove transaction from send (bnc#935087, bnc#945649). - btrfs: ulist: Add ulist_del() function (bnc#935087, bnc#945649). - btrfs: use btrfs_get_fs_root in resolve_indirect_ref (bnc#935087, bnc#945649). - btrfs: use global reserve when deleting unused block group after ENOSPC (bsc#958647). - cache: Fix sysfs splat on shutdown with flash only devs (bsc#951638). - cpusets, isolcpus: exclude isolcpus from load balancing in cpusets (bsc#957395). - drm/i915: Fix SRC_COPY width on 830/845g (bsc#758040). - drm: Allocate new master object when client becomes master (bsc#956876, bsc#956801). - drm: Fix KABI of 'struct drm_file' (bsc#956876, bsc#956801). - e1000e: Do not read ICR in Other interrupt (bsc#924919). - e1000e: Do not write lsc to ics in msi-x mode (bsc#924919). - e1000e: Fix msi-x interrupt automask (bsc#924919). - e1000e: Remove unreachable code (bsc#924919). - genksyms: Handle string literals with spaces in reference files (bsc#958510). - ipv6: fix tunnel error handling (bsc#952579). - lpfc: Fix null ndlp dereference in target_reset_handler (bsc#951392). - mm/mempolicy.c: convert the shared_policy lock to a rwlock (bnc#959436). - mm: remove PG_waiters from PAGE_FLAGS_CHECK_AT_FREE (bnc#943959). - pm, hinernate: use put_page in release_swap_writer (bnc#943959). - sched, isolcpu: make cpu_isolated_map visible outside scheduler (bsc#957395). - udp: properly support MSG_PEEK with truncated buffers (bsc#951199 bsc#959364). - xhci: Workaround to get Intel xHCI reset working more reliably (bnc#957546).

Patchnames: SUSE-SLE-DESKTOP-12-2016-107,SUSE-SLE-Live-Patching-12-2016-107,SUSE-SLE-Module-Public-Cloud-12-2016-107,SUSE-SLE-SDK-12-2016-107,SUSE-SLE-SERVER-12-2016-107,SUSE-SLE-WE-12-2016-107

CVE-2015-7550

5.5 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 57 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-default-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-source-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-default-1-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-xen-1-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-man-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-devel-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-macros-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-source-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-xen-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.51-52.34.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.51-52.34.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2015-8539

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 57 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-default-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-source-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-default-1-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-xen-1-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-man-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-devel-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-macros-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-source-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-xen-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.51-52.34.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.51-52.34.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2015-8543

7 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 57 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-default-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-source-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-default-1-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-xen-1-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-man-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-devel-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-macros-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-source-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-xen-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.51-52.34.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.51-52.34.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2015-8550

8.2 (High)


                        
                          CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Affected products

Recommended 57 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-default-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-source-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-default-1-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-xen-1-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-man-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-devel-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-macros-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-source-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-xen-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.51-52.34.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.51-52.34.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2015-8551

6 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

Affected products

Recommended 57 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-default-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-source-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-default-1-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-xen-1-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-man-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-devel-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-macros-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-source-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-xen-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.51-52.34.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.51-52.34.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2015-8552

4.4 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 57 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-default-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-source-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-default-1-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-xen-1-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-man-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-devel-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-macros-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-source-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-xen-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.51-52.34.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.51-52.34.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2015-8569

2.3 (Low)


                        
                          CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

Affected products

Recommended 57 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-default-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-source-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-default-1-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-xen-1-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-man-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-devel-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-macros-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-source-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-xen-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.51-52.34.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.51-52.34.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2015-8575

4 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Affected products

Recommended 57 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-default-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-source-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-default-1-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-xen-1-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-default-man-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-devel-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-macros-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-source-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-xen-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.51-52.34.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.51-52.34.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.51-52.34.1.x86_64	—	Vendor Fix

Threats

Impact moderate

References

83 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-security-upd…	self
https://bugzilla.suse.com/758040	self
https://bugzilla.suse.com/902606	self
https://bugzilla.suse.com/924919	self
https://bugzilla.suse.com/935087	self
https://bugzilla.suse.com/937261	self
https://bugzilla.suse.com/943959	self
https://bugzilla.suse.com/945649	self
https://bugzilla.suse.com/949440	self
https://bugzilla.suse.com/951155	self
https://bugzilla.suse.com/951199	self
https://bugzilla.suse.com/951392	self
https://bugzilla.suse.com/951615	self
https://bugzilla.suse.com/951638	self
https://bugzilla.suse.com/952579	self
https://bugzilla.suse.com/952976	self
https://bugzilla.suse.com/956708	self
https://bugzilla.suse.com/956801	self
https://bugzilla.suse.com/956876	self
https://bugzilla.suse.com/957395	self
https://bugzilla.suse.com/957546	self
https://bugzilla.suse.com/957988	self
https://bugzilla.suse.com/957990	self
https://bugzilla.suse.com/958463	self
https://bugzilla.suse.com/958504	self
https://bugzilla.suse.com/958510	self
https://bugzilla.suse.com/958647	self
https://bugzilla.suse.com/958886	self
https://bugzilla.suse.com/958951	self
https://bugzilla.suse.com/959190	self
https://bugzilla.suse.com/959364	self
https://bugzilla.suse.com/959399	self
https://bugzilla.suse.com/959436	self
https://bugzilla.suse.com/959705	self
https://bugzilla.suse.com/960300	self
https://www.suse.com/security/cve/CVE-2015-7550/	self
https://www.suse.com/security/cve/CVE-2015-8539/	self
https://www.suse.com/security/cve/CVE-2015-8543/	self
https://www.suse.com/security/cve/CVE-2015-8550/	self
https://www.suse.com/security/cve/CVE-2015-8551/	self
https://www.suse.com/security/cve/CVE-2015-8552/	self
https://www.suse.com/security/cve/CVE-2015-8569/	self
https://www.suse.com/security/cve/CVE-2015-8575/	self
https://www.suse.com/security/cve/CVE-2015-7550	external
https://bugzilla.suse.com/1020452	external
https://bugzilla.suse.com/1052256	external
https://bugzilla.suse.com/958951	external
https://www.suse.com/security/cve/CVE-2015-8539	external
https://bugzilla.suse.com/1115893	external
https://bugzilla.suse.com/781018	external
https://bugzilla.suse.com/958463	external
https://bugzilla.suse.com/958601	external
https://www.suse.com/security/cve/CVE-2015-8543	external
https://bugzilla.suse.com/1020452	external
https://bugzilla.suse.com/1052256	external
https://bugzilla.suse.com/1115893	external
https://bugzilla.suse.com/923755	external
https://bugzilla.suse.com/958886	external
https://bugzilla.suse.com/963994	external
https://bugzilla.suse.com/969522	external
https://www.suse.com/security/cve/CVE-2015-8550	external
https://bugzilla.suse.com/1020452	external
https://bugzilla.suse.com/1052256	external
https://bugzilla.suse.com/957988	external
https://www.suse.com/security/cve/CVE-2015-8551	external
https://bugzilla.suse.com/1020452	external
https://bugzilla.suse.com/957990	external
https://www.suse.com/security/cve/CVE-2015-8552	external
https://bugzilla.suse.com/1020452	external
https://bugzilla.suse.com/957990	external
https://www.suse.com/security/cve/CVE-2015-8569	external
https://bugzilla.suse.com/1020452	external
https://bugzilla.suse.com/923755	external
https://bugzilla.suse.com/959190	external
https://bugzilla.suse.com/959399	external
https://bugzilla.suse.com/963994	external
https://www.suse.com/security/cve/CVE-2015-8575	external
https://bugzilla.suse.com/1020452	external
https://bugzilla.suse.com/959190	external
https://bugzilla.suse.com/959399	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for the Linux Kernel",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "The SUSE Linux Enterprise 12 kernel was updated to receive various security and bugfixes.\n\nFollowing security bugs were fixed:\n- CVE-2015-7550: A local user could have triggered a race between read and revoke in keyctl (bnc#958951).\n- CVE-2015-8539: A negatively instantiated user key could have been used by a local user to leverage privileges (bnc#958463).\n- CVE-2015-8543: The networking implementation in the Linux kernel did not validate protocol identifiers for certain protocol families, which allowed local users to cause a denial of service (NULL function pointer dereference and system crash) or possibly gain privileges by leveraging CLONE_NEWUSER support to execute a crafted SOCK_RAW application (bnc#958886).\n- CVE-2015-8550: Compiler optimizations in the XEN PV backend drivers could have lead to double fetch vulnerabilities, causing denial of service or arbitrary code execution (depending on the configuration) (bsc#957988).\n- CVE-2015-8551, CVE-2015-8552: xen/pciback: For XEN_PCI_OP_disable_msi[|x] only disable if device has MSI(X) enabled (bsc#957990).\n- CVE-2015-8569: The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel did not verify an address length, which allowed local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application (bnc#959190).\n- CVE-2015-8575: Validate socket address length in sco_sock_bind() to prevent information leak (bsc#959399).\n\nThe following non-security bugs were fixed:\n- ACPICA: Correctly cleanup after a ACPI table load failure (bnc#937261).\n- ALSA: hda - Fix noise problems on Thinkpad T440s (boo#958504).\n- Input: aiptek - fix crash on detecting device without endpoints (bnc#956708).\n- Re-add copy_page_vector_to_user()\n- Refresh patches.xen/xen3-patch-3.12.46-47 (bsc#959705).\n- Refresh patches.xen/xen3-patch-3.9 (bsc#951155).\n- Update patches.suse/btrfs-8361-Btrfs-keep-dropped-roots-in-cache-until-transaction-.patch (bnc#935087, bnc#945649, bnc#951615).\n- bcache: Add btree_insert_node() (bnc#951638).\n- bcache: Add explicit keylist arg to btree_insert() (bnc#951638).\n- bcache: Clean up keylist code (bnc#951638).\n- bcache: Convert btree_insert_check_key() to btree_insert_node() (bnc#951638).\n- bcache: Convert bucket_wait to wait_queue_head_t (bnc#951638).\n- bcache: Convert try_wait to wait_queue_head_t (bnc#951638).\n- bcache: Explicitly track btree node\u0027s parent (bnc#951638).\n- bcache: Fix a bug when detaching (bsc#951638).\n- bcache: Fix a lockdep splat in an error path (bnc#951638).\n- bcache: Fix a shutdown bug (bsc#951638).\n- bcache: Fix more early shutdown bugs (bsc#951638).\n- bcache: Fix sysfs splat on shutdown with flash only devs (bsc#951638).\n- bcache: Insert multiple keys at a time (bnc#951638).\n- bcache: Refactor journalling flow control (bnc#951638).\n- bcache: Refactor request_write() (bnc#951638).\n- bcache: Use blkdev_issue_discard() (bnc#951638).\n- bcache: backing device set to clean after finishing detach (bsc#951638).\n- bcache: kill closure locking usage (bnc#951638).\n- blktap: also call blkif_disconnect() when frontend switched to closed (bsc#952976).\n- blktap: refine mm tracking (bsc#952976).\n- block: Always check queue limits for cloned requests (bsc#902606).\n- btrfs: Add qgroup tracing (bnc#935087, bnc#945649).\n- btrfs: Adjust commit-transaction condition to avoid NO_SPACE more (bsc#958647).\n- btrfs: Fix out-of-space bug (bsc#958647).\n- btrfs: Fix tail space processing in find_free_dev_extent() (bsc#958647).\n- btrfs: Set relative data on clear btrfs_block_group_cache-\u003epinned (bsc#958647).\n- btrfs: Update btrfs qgroup status item when rescan is done (bnc#960300).\n- btrfs: backref: Add special time_seq == (u64)-1 case for btrfs_find_all_roots() (bnc#935087, bnc#945649).\n- btrfs: backref: Do not merge refs which are not for same block (bnc#935087, bnc#945649).\n- btrfs: cleanup: remove no-used alloc_chunk in btrfs_check_data_free_space() (bsc#958647).\n- btrfs: delayed-ref: Cleanup the unneeded functions (bnc#935087, bnc#945649).\n- btrfs: delayed-ref: Use list to replace the ref_root in ref_head (bnc#935087, bnc#945649).\n- btrfs: extent-tree: Use ref_node to replace unneeded parameters in __inc_extent_ref() and __free_extent() (bnc#935087, bnc#945649).\n- btrfs: fix comp_oper to get right order (bnc#935087, bnc#945649).\n- btrfs: fix condition of commit transaction (bsc#958647).\n- btrfs: fix leak in qgroup_subtree_accounting() error path (bnc#935087, bnc#945649).\n- btrfs: fix order by which delayed references are run (bnc#949440).\n- btrfs: fix qgroup sanity tests (bnc#951615).\n- btrfs: fix race waiting for qgroup rescan worker (bnc#960300).\n- btrfs: fix regression running delayed references when using qgroups (bnc#951615).\n- btrfs: fix regression when running delayed references (bnc#951615).\n- btrfs: fix sleeping inside atomic context in qgroup rescan worker (bnc#960300).\n- btrfs: fix the number of transaction units needed to remove a block group (bsc#958647).\n- btrfs: keep dropped roots in cache until transaction commit (bnc#935087, bnc#945649).\n- btrfs: qgroup: Add function qgroup_update_counters() (bnc#935087, bnc#945649).\n- btrfs: qgroup: Add function qgroup_update_refcnt() (bnc#935087, bnc#945649).\n- btrfs: qgroup: Add new function to record old_roots (bnc#935087, bnc#945649).\n- btrfs: qgroup: Add new qgroup calculation function btrfs_qgroup_account_extents() (bnc#935087, bnc#945649).\n- btrfs: qgroup: Add the ability to skip given qgroup for old/new_roots (bnc#935087, bnc#945649).\n- btrfs: qgroup: Cleanup open-coded old/new_refcnt update and read (bnc#935087, bnc#945649).\n- btrfs: qgroup: Cleanup the old ref_node-oriented mechanism (bnc#935087, bnc#945649).\n- btrfs: qgroup: Do not copy extent buffer to do qgroup rescan (bnc#960300).\n- btrfs: qgroup: Fix a regression in qgroup reserved space (bnc#935087, bnc#945649).\n- btrfs: qgroup: Make snapshot accounting work with new extent-oriented qgroup (bnc#935087, bnc#945649).\n- btrfs: qgroup: Record possible quota-related extent for qgroup (bnc#935087, bnc#945649).\n- btrfs: qgroup: Switch rescan to new mechanism (bnc#935087, bnc#945649).\n- btrfs: qgroup: Switch self test to extent-oriented qgroup mechanism (bnc#935087, bnc#945649).\n- btrfs: qgroup: Switch to new extent-oriented qgroup mechanism (bnc#935087, bnc#945649).\n- btrfs: qgroup: account shared subtree during snapshot delete (bnc#935087, bnc#945649).\n- btrfs: qgroup: clear STATUS_FLAG_ON in disabling quota (bnc#960300).\n- btrfs: qgroup: exit the rescan worker during umount (bnc#960300).\n- btrfs: qgroup: fix quota disable during rescan (bnc#960300).\n- btrfs: qgroup: move WARN_ON() to the correct location (bnc#935087, bnc#945649).\n- btrfs: remove transaction from send (bnc#935087, bnc#945649).\n- btrfs: ulist: Add ulist_del() function (bnc#935087, bnc#945649).\n- btrfs: use btrfs_get_fs_root in resolve_indirect_ref (bnc#935087, bnc#945649).\n- btrfs: use global reserve when deleting unused block group after ENOSPC (bsc#958647).\n- cache: Fix sysfs splat on shutdown with flash only devs (bsc#951638).\n- cpusets, isolcpus: exclude isolcpus from load balancing in cpusets (bsc#957395).\n- drm/i915: Fix SRC_COPY width on 830/845g (bsc#758040).\n- drm: Allocate new master object when client becomes master (bsc#956876, bsc#956801).\n- drm: Fix KABI of \u0027struct drm_file\u0027 (bsc#956876, bsc#956801).\n- e1000e: Do not read ICR in Other interrupt (bsc#924919).\n- e1000e: Do not write lsc to ics in msi-x mode (bsc#924919).\n- e1000e: Fix msi-x interrupt automask (bsc#924919).\n- e1000e: Remove unreachable code (bsc#924919).\n- genksyms: Handle string literals with spaces in reference files (bsc#958510).\n- ipv6: fix tunnel error handling (bsc#952579).\n- lpfc: Fix null ndlp dereference in target_reset_handler (bsc#951392).\n- mm/mempolicy.c: convert the shared_policy lock to a rwlock (bnc#959436).\n- mm: remove PG_waiters from PAGE_FLAGS_CHECK_AT_FREE (bnc#943959).\n- pm, hinernate: use put_page in release_swap_writer (bnc#943959).\n- sched, isolcpu: make cpu_isolated_map visible outside scheduler (bsc#957395).\n- udp: properly support MSG_PEEK with truncated buffers (bsc#951199 bsc#959364).\n- xhci: Workaround to get Intel xHCI reset working more reliably (bnc#957546).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-SLE-DESKTOP-12-2016-107,SUSE-SLE-Live-Patching-12-2016-107,SUSE-SLE-Module-Public-Cloud-12-2016-107,SUSE-SLE-SDK-12-2016-107,SUSE-SLE-SERVER-12-2016-107,SUSE-SLE-WE-12-2016-107",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_0168-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2016:0168-1",
        "url": "https://www.suse.com/support/update/announcement/2016/suse-su-20160168-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2016:0168-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2016-January/001810.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 758040",
        "url": "https://bugzilla.suse.com/758040"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 902606",
        "url": "https://bugzilla.suse.com/902606"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 924919",
        "url": "https://bugzilla.suse.com/924919"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 935087",
        "url": "https://bugzilla.suse.com/935087"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 937261",
        "url": "https://bugzilla.suse.com/937261"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 943959",
        "url": "https://bugzilla.suse.com/943959"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 945649",
        "url": "https://bugzilla.suse.com/945649"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 949440",
        "url": "https://bugzilla.suse.com/949440"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 951155",
        "url": "https://bugzilla.suse.com/951155"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 951199",
        "url": "https://bugzilla.suse.com/951199"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 951392",
        "url": "https://bugzilla.suse.com/951392"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 951615",
        "url": "https://bugzilla.suse.com/951615"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 951638",
        "url": "https://bugzilla.suse.com/951638"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 952579",
        "url": "https://bugzilla.suse.com/952579"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 952976",
        "url": "https://bugzilla.suse.com/952976"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 956708",
        "url": "https://bugzilla.suse.com/956708"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 956801",
        "url": "https://bugzilla.suse.com/956801"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 956876",
        "url": "https://bugzilla.suse.com/956876"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 957395",
        "url": "https://bugzilla.suse.com/957395"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 957546",
        "url": "https://bugzilla.suse.com/957546"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 957988",
        "url": "https://bugzilla.suse.com/957988"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 957990",
        "url": "https://bugzilla.suse.com/957990"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 958463",
        "url": "https://bugzilla.suse.com/958463"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 958504",
        "url": "https://bugzilla.suse.com/958504"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 958510",
        "url": "https://bugzilla.suse.com/958510"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 958647",
        "url": "https://bugzilla.suse.com/958647"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 958886",
        "url": "https://bugzilla.suse.com/958886"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 958951",
        "url": "https://bugzilla.suse.com/958951"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 959190",
        "url": "https://bugzilla.suse.com/959190"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 959364",
        "url": "https://bugzilla.suse.com/959364"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 959399",
        "url": "https://bugzilla.suse.com/959399"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 959436",
        "url": "https://bugzilla.suse.com/959436"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 959705",
        "url": "https://bugzilla.suse.com/959705"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 960300",
        "url": "https://bugzilla.suse.com/960300"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7550 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7550/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-8539 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-8539/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-8543 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-8543/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-8550 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-8550/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-8551 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-8551/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-8552 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-8552/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-8569 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-8569/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-8575 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-8575/"
      }
    ],
    "title": "Security update for the Linux Kernel",
    "tracking": {
      "current_release_date": "2016-01-19T09:43:16Z",
      "generator": {
        "date": "2016-01-19T09:43:16Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2016:0168-1",
      "initial_release_date": "2016-01-19T09:43:16Z",
      "revision_history": [
        {
          "date": "2016-01-19T09:43:16Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-devel-3.12.51-52.34.1.noarch",
                "product": {
                  "name": "kernel-devel-3.12.51-52.34.1.noarch",
                  "product_id": "kernel-devel-3.12.51-52.34.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-macros-3.12.51-52.34.1.noarch",
                "product": {
                  "name": "kernel-macros-3.12.51-52.34.1.noarch",
                  "product_id": "kernel-macros-3.12.51-52.34.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-3.12.51-52.34.1.noarch",
                "product": {
                  "name": "kernel-source-3.12.51-52.34.1.noarch",
                  "product_id": "kernel-source-3.12.51-52.34.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-docs-3.12.51-52.34.3.noarch",
                "product": {
                  "name": "kernel-docs-3.12.51-52.34.3.noarch",
                  "product_id": "kernel-docs-3.12.51-52.34.3.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-obs-build-3.12.51-52.34.1.ppc64le",
                "product": {
                  "name": "kernel-obs-build-3.12.51-52.34.1.ppc64le",
                  "product_id": "kernel-obs-build-3.12.51-52.34.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-3.12.51-52.34.1.ppc64le",
                "product": {
                  "name": "kernel-default-3.12.51-52.34.1.ppc64le",
                  "product_id": "kernel-default-3.12.51-52.34.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-3.12.51-52.34.1.ppc64le",
                "product": {
                  "name": "kernel-default-base-3.12.51-52.34.1.ppc64le",
                  "product_id": "kernel-default-base-3.12.51-52.34.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-3.12.51-52.34.1.ppc64le",
                "product": {
                  "name": "kernel-default-devel-3.12.51-52.34.1.ppc64le",
                  "product_id": "kernel-default-devel-3.12.51-52.34.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-3.12.51-52.34.1.ppc64le",
                "product": {
                  "name": "kernel-syms-3.12.51-52.34.1.ppc64le",
                  "product_id": "kernel-syms-3.12.51-52.34.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-obs-build-3.12.51-52.34.1.s390x",
                "product": {
                  "name": "kernel-obs-build-3.12.51-52.34.1.s390x",
                  "product_id": "kernel-obs-build-3.12.51-52.34.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-3.12.51-52.34.1.s390x",
                "product": {
                  "name": "kernel-default-3.12.51-52.34.1.s390x",
                  "product_id": "kernel-default-3.12.51-52.34.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-3.12.51-52.34.1.s390x",
                "product": {
                  "name": "kernel-default-base-3.12.51-52.34.1.s390x",
                  "product_id": "kernel-default-base-3.12.51-52.34.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-3.12.51-52.34.1.s390x",
                "product": {
                  "name": "kernel-default-devel-3.12.51-52.34.1.s390x",
                  "product_id": "kernel-default-devel-3.12.51-52.34.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-man-3.12.51-52.34.1.s390x",
                "product": {
                  "name": "kernel-default-man-3.12.51-52.34.1.s390x",
                  "product_id": "kernel-default-man-3.12.51-52.34.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-3.12.51-52.34.1.s390x",
                "product": {
                  "name": "kernel-syms-3.12.51-52.34.1.s390x",
                  "product_id": "kernel-syms-3.12.51-52.34.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-default-3.12.51-52.34.1.x86_64",
                "product": {
                  "name": "kernel-default-3.12.51-52.34.1.x86_64",
                  "product_id": "kernel-default-3.12.51-52.34.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-3.12.51-52.34.1.x86_64",
                "product": {
                  "name": "kernel-default-devel-3.12.51-52.34.1.x86_64",
                  "product_id": "kernel-default-devel-3.12.51-52.34.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-extra-3.12.51-52.34.1.x86_64",
                "product": {
                  "name": "kernel-default-extra-3.12.51-52.34.1.x86_64",
                  "product_id": "kernel-default-extra-3.12.51-52.34.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-3.12.51-52.34.1.x86_64",
                "product": {
                  "name": "kernel-syms-3.12.51-52.34.1.x86_64",
                  "product_id": "kernel-syms-3.12.51-52.34.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-xen-3.12.51-52.34.1.x86_64",
                "product": {
                  "name": "kernel-xen-3.12.51-52.34.1.x86_64",
                  "product_id": "kernel-xen-3.12.51-52.34.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-xen-devel-3.12.51-52.34.1.x86_64",
                "product": {
                  "name": "kernel-xen-devel-3.12.51-52.34.1.x86_64",
                  "product_id": "kernel-xen-devel-3.12.51-52.34.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kgraft-patch-3_12_51-52_34-default-1-2.1.x86_64",
                "product": {
                  "name": "kgraft-patch-3_12_51-52_34-default-1-2.1.x86_64",
                  "product_id": "kgraft-patch-3_12_51-52_34-default-1-2.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kgraft-patch-3_12_51-52_34-xen-1-2.1.x86_64",
                "product": {
                  "name": "kgraft-patch-3_12_51-52_34-xen-1-2.1.x86_64",
                  "product_id": "kgraft-patch-3_12_51-52_34-xen-1-2.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-ec2-3.12.51-52.34.1.x86_64",
                "product": {
                  "name": "kernel-ec2-3.12.51-52.34.1.x86_64",
                  "product_id": "kernel-ec2-3.12.51-52.34.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-ec2-devel-3.12.51-52.34.1.x86_64",
                "product": {
                  "name": "kernel-ec2-devel-3.12.51-52.34.1.x86_64",
                  "product_id": "kernel-ec2-devel-3.12.51-52.34.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-ec2-extra-3.12.51-52.34.1.x86_64",
                "product": {
                  "name": "kernel-ec2-extra-3.12.51-52.34.1.x86_64",
                  "product_id": "kernel-ec2-extra-3.12.51-52.34.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-build-3.12.51-52.34.1.x86_64",
                "product": {
                  "name": "kernel-obs-build-3.12.51-52.34.1.x86_64",
                  "product_id": "kernel-obs-build-3.12.51-52.34.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-3.12.51-52.34.1.x86_64",
                "product": {
                  "name": "kernel-default-base-3.12.51-52.34.1.x86_64",
                  "product_id": "kernel-default-base-3.12.51-52.34.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-xen-base-3.12.51-52.34.1.x86_64",
                "product": {
                  "name": "kernel-xen-base-3.12.51-52.34.1.x86_64",
                  "product_id": "kernel-xen-base-3.12.51-52.34.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Desktop 12",
                "product": {
                  "name": "SUSE Linux Enterprise Desktop 12",
                  "product_id": "SUSE Linux Enterprise Desktop 12",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sled:12"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Live Patching 12",
                "product": {
                  "name": "SUSE Linux Enterprise Live Patching 12",
                  "product_id": "SUSE Linux Enterprise Live Patching 12",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-live-patching:12"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Public Cloud 12",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Public Cloud 12",
                  "product_id": "SUSE Linux Enterprise Module for Public Cloud 12",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-public-cloud:12"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Software Development Kit 12",
                "product": {
                  "name": "SUSE Linux Enterprise Software Development Kit 12",
                  "product_id": "SUSE Linux Enterprise Software Development Kit 12",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-sdk:12"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 12",
                "product": {
                  "name": "SUSE Linux Enterprise Server 12",
                  "product_id": "SUSE Linux Enterprise Server 12",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles:12"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP Applications 12",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP Applications 12",
                  "product_id": "SUSE Linux Enterprise Server for SAP Applications 12",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_sap:12"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Workstation Extension 12",
                "product": {
                  "name": "SUSE Linux Enterprise Workstation Extension 12",
                  "product_id": "SUSE Linux Enterprise Workstation Extension 12",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-we:12"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-3.12.51-52.34.1.x86_64 as component of SUSE Linux Enterprise Desktop 12",
          "product_id": "SUSE Linux Enterprise Desktop 12:kernel-default-3.12.51-52.34.1.x86_64"
        },
        "product_reference": "kernel-default-3.12.51-52.34.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Desktop 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-3.12.51-52.34.1.x86_64 as component of SUSE Linux Enterprise Desktop 12",
          "product_id": "SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.51-52.34.1.x86_64"
        },
        "product_reference": "kernel-default-devel-3.12.51-52.34.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Desktop 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-extra-3.12.51-52.34.1.x86_64 as component of SUSE Linux Enterprise Desktop 12",
          "product_id": "SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.51-52.34.1.x86_64"
        },
        "product_reference": "kernel-default-extra-3.12.51-52.34.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Desktop 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-3.12.51-52.34.1.noarch as component of SUSE Linux Enterprise Desktop 12",
          "product_id": "SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.51-52.34.1.noarch"
        },
        "product_reference": "kernel-devel-3.12.51-52.34.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Desktop 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-macros-3.12.51-52.34.1.noarch as component of SUSE Linux Enterprise Desktop 12",
          "product_id": "SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.51-52.34.1.noarch"
        },
        "product_reference": "kernel-macros-3.12.51-52.34.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Desktop 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-3.12.51-52.34.1.noarch as component of SUSE Linux Enterprise Desktop 12",
          "product_id": "SUSE Linux Enterprise Desktop 12:kernel-source-3.12.51-52.34.1.noarch"
        },
        "product_reference": "kernel-source-3.12.51-52.34.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Desktop 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-3.12.51-52.34.1.x86_64 as component of SUSE Linux Enterprise Desktop 12",
          "product_id": "SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.51-52.34.1.x86_64"
        },
        "product_reference": "kernel-syms-3.12.51-52.34.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Desktop 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-xen-3.12.51-52.34.1.x86_64 as component of SUSE Linux Enterprise Desktop 12",
          "product_id": "SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.51-52.34.1.x86_64"
        },
        "product_reference": "kernel-xen-3.12.51-52.34.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Desktop 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-xen-devel-3.12.51-52.34.1.x86_64 as component of SUSE Linux Enterprise Desktop 12",
          "product_id": "SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.51-52.34.1.x86_64"
        },
        "product_reference": "kernel-xen-devel-3.12.51-52.34.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Desktop 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-3_12_51-52_34-default-1-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
          "product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-default-1-2.1.x86_64"
        },
        "product_reference": "kgraft-patch-3_12_51-52_34-default-1-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-3_12_51-52_34-xen-1-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
          "product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-xen-1-2.1.x86_64"
        },
        "product_reference": "kgraft-patch-3_12_51-52_34-xen-1-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-ec2-3.12.51-52.34.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12",
          "product_id": "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.51-52.34.1.x86_64"
        },
        "product_reference": "kernel-ec2-3.12.51-52.34.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-ec2-devel-3.12.51-52.34.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12",
          "product_id": "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.51-52.34.1.x86_64"
        },
        "product_reference": "kernel-ec2-devel-3.12.51-52.34.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-ec2-extra-3.12.51-52.34.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12",
          "product_id": "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.51-52.34.1.x86_64"
        },
        "product_reference": "kernel-ec2-extra-3.12.51-52.34.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-docs-3.12.51-52.34.3.noarch as component of SUSE Linux Enterprise Software Development Kit 12",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.51-52.34.3.noarch"
        },
        "product_reference": "kernel-docs-3.12.51-52.34.3.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-3.12.51-52.34.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.ppc64le"
        },
        "product_reference": "kernel-obs-build-3.12.51-52.34.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-3.12.51-52.34.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.s390x"
        },
        "product_reference": "kernel-obs-build-3.12.51-52.34.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-3.12.51-52.34.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.x86_64"
        },
        "product_reference": "kernel-obs-build-3.12.51-52.34.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-3.12.51-52.34.1.ppc64le as component of SUSE Linux Enterprise Server 12",
          "product_id": "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.ppc64le"
        },
        "product_reference": "kernel-default-3.12.51-52.34.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-3.12.51-52.34.1.s390x as component of SUSE Linux Enterprise Server 12",
          "product_id": "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.s390x"
        },
        "product_reference": "kernel-default-3.12.51-52.34.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-3.12.51-52.34.1.x86_64 as component of SUSE Linux Enterprise Server 12",
          "product_id": "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.x86_64"
        },
        "product_reference": "kernel-default-3.12.51-52.34.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-3.12.51-52.34.1.ppc64le as component of SUSE Linux Enterprise Server 12",
          "product_id": "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.ppc64le"
        },
        "product_reference": "kernel-default-base-3.12.51-52.34.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-3.12.51-52.34.1.s390x as component of SUSE Linux Enterprise Server 12",
          "product_id": "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.s390x"
        },
        "product_reference": "kernel-default-base-3.12.51-52.34.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-3.12.51-52.34.1.x86_64 as component of SUSE Linux Enterprise Server 12",
          "product_id": "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.x86_64"
        },
        "product_reference": "kernel-default-base-3.12.51-52.34.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-3.12.51-52.34.1.ppc64le as component of SUSE Linux Enterprise Server 12",
          "product_id": "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.ppc64le"
        },
        "product_reference": "kernel-default-devel-3.12.51-52.34.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-3.12.51-52.34.1.s390x as component of SUSE Linux Enterprise Server 12",
          "product_id": "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.s390x"
        },
        "product_reference": "kernel-default-devel-3.12.51-52.34.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-3.12.51-52.34.1.x86_64 as component of SUSE Linux Enterprise Server 12",
          "product_id": "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.x86_64"
        },
        "product_reference": "kernel-default-devel-3.12.51-52.34.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-man-3.12.51-52.34.1.s390x as component of SUSE Linux Enterprise Server 12",
          "product_id": "SUSE Linux Enterprise Server 12:kernel-default-man-3.12.51-52.34.1.s390x"
        },
        "product_reference": "kernel-default-man-3.12.51-52.34.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-3.12.51-52.34.1.noarch as component of SUSE Linux Enterprise Server 12",
          "product_id": "SUSE Linux Enterprise Server 12:kernel-devel-3.12.51-52.34.1.noarch"
        },
        "product_reference": "kernel-devel-3.12.51-52.34.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-macros-3.12.51-52.34.1.noarch as component of SUSE Linux Enterprise Server 12",
          "product_id": "SUSE Linux Enterprise Server 12:kernel-macros-3.12.51-52.34.1.noarch"
        },
        "product_reference": "kernel-macros-3.12.51-52.34.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-3.12.51-52.34.1.noarch as component of SUSE Linux Enterprise Server 12",
          "product_id": "SUSE Linux Enterprise Server 12:kernel-source-3.12.51-52.34.1.noarch"
        },
        "product_reference": "kernel-source-3.12.51-52.34.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-3.12.51-52.34.1.ppc64le as component of SUSE Linux Enterprise Server 12",
          "product_id": "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.ppc64le"
        },
        "product_reference": "kernel-syms-3.12.51-52.34.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-3.12.51-52.34.1.s390x as component of SUSE Linux Enterprise Server 12",
          "product_id": "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.s390x"
        },
        "product_reference": "kernel-syms-3.12.51-52.34.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-3.12.51-52.34.1.x86_64 as component of SUSE Linux Enterprise Server 12",
          "product_id": "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.x86_64"
        },
        "product_reference": "kernel-syms-3.12.51-52.34.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-xen-3.12.51-52.34.1.x86_64 as component of SUSE Linux Enterprise Server 12",
          "product_id": "SUSE Linux Enterprise Server 12:kernel-xen-3.12.51-52.34.1.x86_64"
        },
        "product_reference": "kernel-xen-3.12.51-52.34.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-xen-base-3.12.51-52.34.1.x86_64 as component of SUSE Linux Enterprise Server 12",
          "product_id": "SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.51-52.34.1.x86_64"
        },
        "product_reference": "kernel-xen-base-3.12.51-52.34.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-xen-devel-3.12.51-52.34.1.x86_64 as component of SUSE Linux Enterprise Server 12",
          "product_id": "SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.51-52.34.1.x86_64"
        },
        "product_reference": "kernel-xen-devel-3.12.51-52.34.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-3.12.51-52.34.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.ppc64le"
        },
        "product_reference": "kernel-default-3.12.51-52.34.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-3.12.51-52.34.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.s390x"
        },
        "product_reference": "kernel-default-3.12.51-52.34.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-3.12.51-52.34.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.x86_64"
        },
        "product_reference": "kernel-default-3.12.51-52.34.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-3.12.51-52.34.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.ppc64le"
        },
        "product_reference": "kernel-default-base-3.12.51-52.34.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-3.12.51-52.34.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.s390x"
        },
        "product_reference": "kernel-default-base-3.12.51-52.34.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-3.12.51-52.34.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.x86_64"
        },
        "product_reference": "kernel-default-base-3.12.51-52.34.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-3.12.51-52.34.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.ppc64le"
        },
        "product_reference": "kernel-default-devel-3.12.51-52.34.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-3.12.51-52.34.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.s390x"
        },
        "product_reference": "kernel-default-devel-3.12.51-52.34.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-3.12.51-52.34.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.x86_64"
        },
        "product_reference": "kernel-default-devel-3.12.51-52.34.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-man-3.12.51-52.34.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.51-52.34.1.s390x"
        },
        "product_reference": "kernel-default-man-3.12.51-52.34.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-3.12.51-52.34.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.51-52.34.1.noarch"
        },
        "product_reference": "kernel-devel-3.12.51-52.34.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-macros-3.12.51-52.34.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.51-52.34.1.noarch"
        },
        "product_reference": "kernel-macros-3.12.51-52.34.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-3.12.51-52.34.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.51-52.34.1.noarch"
        },
        "product_reference": "kernel-source-3.12.51-52.34.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-3.12.51-52.34.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.ppc64le"
        },
        "product_reference": "kernel-syms-3.12.51-52.34.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-3.12.51-52.34.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.s390x"
        },
        "product_reference": "kernel-syms-3.12.51-52.34.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-3.12.51-52.34.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.x86_64"
        },
        "product_reference": "kernel-syms-3.12.51-52.34.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-xen-3.12.51-52.34.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.51-52.34.1.x86_64"
        },
        "product_reference": "kernel-xen-3.12.51-52.34.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-xen-base-3.12.51-52.34.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.51-52.34.1.x86_64"
        },
        "product_reference": "kernel-xen-base-3.12.51-52.34.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-xen-devel-3.12.51-52.34.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.51-52.34.1.x86_64"
        },
        "product_reference": "kernel-xen-devel-3.12.51-52.34.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-extra-3.12.51-52.34.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 12",
          "product_id": "SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.51-52.34.1.x86_64"
        },
        "product_reference": "kernel-default-extra-3.12.51-52.34.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 12"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2015-7550",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7550"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The keyctl_read_key function in security/keys/keyctl.c in the Linux kernel before 4.3.4 does not properly use a semaphore, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted application that leverages a race condition between keyctl_revoke and keyctl_read calls.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Desktop 12:kernel-default-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Desktop 12:kernel-source-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-default-1-2.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-xen-1-2.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-default-man-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server 12:kernel-devel-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Server 12:kernel-macros-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Server 12:kernel-source-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-xen-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.51-52.34.3.noarch",
          "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.51-52.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7550",
          "url": "https://www.suse.com/security/cve/CVE-2015-7550"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2015-7550",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1052256 for CVE-2015-7550",
          "url": "https://bugzilla.suse.com/1052256"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 958951 for CVE-2015-7550",
          "url": "https://bugzilla.suse.com/958951"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Desktop 12:kernel-default-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Desktop 12:kernel-source-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-default-1-2.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-xen-1-2.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-man-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-devel-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server 12:kernel-macros-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server 12:kernel-source-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-xen-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.51-52.34.3.noarch",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.51-52.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Desktop 12:kernel-default-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Desktop 12:kernel-source-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-default-1-2.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-xen-1-2.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-man-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-devel-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server 12:kernel-macros-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server 12:kernel-source-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-xen-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.51-52.34.3.noarch",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.51-52.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-01-19T09:43:16Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-7550"
    },
    {
      "cve": "CVE-2015-8539",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-8539"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (BUG) via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and security/keys/user_defined.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Desktop 12:kernel-default-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Desktop 12:kernel-source-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-default-1-2.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-xen-1-2.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-default-man-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server 12:kernel-devel-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Server 12:kernel-macros-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Server 12:kernel-source-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-xen-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.51-52.34.3.noarch",
          "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.51-52.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-8539",
          "url": "https://www.suse.com/security/cve/CVE-2015-8539"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2015-8539",
          "url": "https://bugzilla.suse.com/1115893"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 781018 for CVE-2015-8539",
          "url": "https://bugzilla.suse.com/781018"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 958463 for CVE-2015-8539",
          "url": "https://bugzilla.suse.com/958463"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 958601 for CVE-2015-8539",
          "url": "https://bugzilla.suse.com/958601"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Desktop 12:kernel-default-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Desktop 12:kernel-source-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-default-1-2.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-xen-1-2.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-man-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-devel-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server 12:kernel-macros-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server 12:kernel-source-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-xen-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.51-52.34.3.noarch",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.51-52.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Desktop 12:kernel-default-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Desktop 12:kernel-source-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-default-1-2.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-xen-1-2.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-man-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-devel-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server 12:kernel-macros-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server 12:kernel-source-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-xen-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.51-52.34.3.noarch",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.51-52.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-01-19T09:43:16Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-8539"
    },
    {
      "cve": "CVE-2015-8543",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-8543"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The networking implementation in the Linux kernel through 4.3.3, as used in Android and other products, does not validate protocol identifiers for certain protocol families, which allows local users to cause a denial of service (NULL function pointer dereference and system crash) or possibly gain privileges by leveraging CLONE_NEWUSER support to execute a crafted SOCK_RAW application.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Desktop 12:kernel-default-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Desktop 12:kernel-source-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-default-1-2.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-xen-1-2.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-default-man-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server 12:kernel-devel-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Server 12:kernel-macros-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Server 12:kernel-source-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-xen-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.51-52.34.3.noarch",
          "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.51-52.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-8543",
          "url": "https://www.suse.com/security/cve/CVE-2015-8543"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2015-8543",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1052256 for CVE-2015-8543",
          "url": "https://bugzilla.suse.com/1052256"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2015-8543",
          "url": "https://bugzilla.suse.com/1115893"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 923755 for CVE-2015-8543",
          "url": "https://bugzilla.suse.com/923755"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 958886 for CVE-2015-8543",
          "url": "https://bugzilla.suse.com/958886"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 963994 for CVE-2015-8543",
          "url": "https://bugzilla.suse.com/963994"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969522 for CVE-2015-8543",
          "url": "https://bugzilla.suse.com/969522"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Desktop 12:kernel-default-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Desktop 12:kernel-source-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-default-1-2.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-xen-1-2.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-man-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-devel-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server 12:kernel-macros-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server 12:kernel-source-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-xen-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.51-52.34.3.noarch",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.51-52.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Desktop 12:kernel-default-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Desktop 12:kernel-source-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-default-1-2.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-xen-1-2.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-man-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-devel-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server 12:kernel-macros-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server 12:kernel-source-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-xen-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.51-52.34.3.noarch",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.51-52.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-01-19T09:43:16Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-8543"
    },
    {
      "cve": "CVE-2015-8550",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-8550"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Xen, when used on a system providing PV backends, allows local guest OS administrators to cause a denial of service (host OS crash) or gain privileges by writing to memory shared between the frontend and backend, aka a double fetch vulnerability.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Desktop 12:kernel-default-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Desktop 12:kernel-source-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-default-1-2.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-xen-1-2.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-default-man-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server 12:kernel-devel-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Server 12:kernel-macros-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Server 12:kernel-source-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-xen-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.51-52.34.3.noarch",
          "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.51-52.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-8550",
          "url": "https://www.suse.com/security/cve/CVE-2015-8550"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2015-8550",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1052256 for CVE-2015-8550",
          "url": "https://bugzilla.suse.com/1052256"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 957988 for CVE-2015-8550",
          "url": "https://bugzilla.suse.com/957988"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Desktop 12:kernel-default-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Desktop 12:kernel-source-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-default-1-2.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-xen-1-2.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-man-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-devel-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server 12:kernel-macros-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server 12:kernel-source-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-xen-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.51-52.34.3.noarch",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.51-52.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Desktop 12:kernel-default-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Desktop 12:kernel-source-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-default-1-2.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-xen-1-2.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-man-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-devel-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server 12:kernel-macros-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server 12:kernel-source-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-xen-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.51-52.34.3.noarch",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.51-52.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-01-19T09:43:16Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-8550"
    },
    {
      "cve": "CVE-2015-8551",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-8551"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to hit BUG conditions and cause a denial of service (NULL pointer dereference and host OS crash) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and a crafted sequence of XEN_PCI_OP_* operations, aka \"Linux pciback missing sanity checks.\"",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Desktop 12:kernel-default-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Desktop 12:kernel-source-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-default-1-2.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-xen-1-2.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-default-man-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server 12:kernel-devel-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Server 12:kernel-macros-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Server 12:kernel-source-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-xen-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.51-52.34.3.noarch",
          "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.51-52.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-8551",
          "url": "https://www.suse.com/security/cve/CVE-2015-8551"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2015-8551",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 957990 for CVE-2015-8551",
          "url": "https://bugzilla.suse.com/957990"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Desktop 12:kernel-default-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Desktop 12:kernel-source-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-default-1-2.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-xen-1-2.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-man-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-devel-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server 12:kernel-macros-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server 12:kernel-source-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-xen-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.51-52.34.3.noarch",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.51-52.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Desktop 12:kernel-default-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Desktop 12:kernel-source-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-default-1-2.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-xen-1-2.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-man-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-devel-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server 12:kernel-macros-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server 12:kernel-source-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-xen-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.51-52.34.3.noarch",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.51-52.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-01-19T09:43:16Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-8551"
    },
    {
      "cve": "CVE-2015-8552",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-8552"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to generate a continuous stream of WARN messages and cause a denial of service (disk consumption) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and XEN_PCI_OP_enable_msi operations, aka \"Linux pciback missing sanity checks.\"",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Desktop 12:kernel-default-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Desktop 12:kernel-source-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-default-1-2.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-xen-1-2.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-default-man-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server 12:kernel-devel-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Server 12:kernel-macros-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Server 12:kernel-source-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-xen-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.51-52.34.3.noarch",
          "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.51-52.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-8552",
          "url": "https://www.suse.com/security/cve/CVE-2015-8552"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2015-8552",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 957990 for CVE-2015-8552",
          "url": "https://bugzilla.suse.com/957990"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Desktop 12:kernel-default-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Desktop 12:kernel-source-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-default-1-2.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-xen-1-2.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-man-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-devel-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server 12:kernel-macros-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server 12:kernel-source-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-xen-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.51-52.34.3.noarch",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.51-52.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Desktop 12:kernel-default-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Desktop 12:kernel-source-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-default-1-2.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-xen-1-2.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-man-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-devel-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server 12:kernel-macros-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server 12:kernel-source-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-xen-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.51-52.34.3.noarch",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.51-52.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-01-19T09:43:16Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-8552"
    },
    {
      "cve": "CVE-2015-8569",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-8569"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel through 4.3.3 do not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Desktop 12:kernel-default-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Desktop 12:kernel-source-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-default-1-2.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-xen-1-2.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-default-man-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server 12:kernel-devel-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Server 12:kernel-macros-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Server 12:kernel-source-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-xen-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.51-52.34.3.noarch",
          "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.51-52.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-8569",
          "url": "https://www.suse.com/security/cve/CVE-2015-8569"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2015-8569",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 923755 for CVE-2015-8569",
          "url": "https://bugzilla.suse.com/923755"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959190 for CVE-2015-8569",
          "url": "https://bugzilla.suse.com/959190"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959399 for CVE-2015-8569",
          "url": "https://bugzilla.suse.com/959399"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 963994 for CVE-2015-8569",
          "url": "https://bugzilla.suse.com/963994"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Desktop 12:kernel-default-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Desktop 12:kernel-source-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-default-1-2.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-xen-1-2.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-man-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-devel-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server 12:kernel-macros-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server 12:kernel-source-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-xen-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.51-52.34.3.noarch",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.51-52.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 2.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Desktop 12:kernel-default-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Desktop 12:kernel-source-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-default-1-2.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-xen-1-2.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-man-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-devel-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server 12:kernel-macros-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server 12:kernel-source-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-xen-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.51-52.34.3.noarch",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.51-52.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-01-19T09:43:16Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-8569"
    },
    {
      "cve": "CVE-2015-8575",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-8575"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel before 4.3.4 does not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Desktop 12:kernel-default-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Desktop 12:kernel-source-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-default-1-2.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-xen-1-2.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-default-man-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server 12:kernel-devel-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Server 12:kernel-macros-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Server 12:kernel-source-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-xen-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.51-52.34.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.51-52.34.3.noarch",
          "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.51-52.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-8575",
          "url": "https://www.suse.com/security/cve/CVE-2015-8575"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2015-8575",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959190 for CVE-2015-8575",
          "url": "https://bugzilla.suse.com/959190"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959399 for CVE-2015-8575",
          "url": "https://bugzilla.suse.com/959399"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Desktop 12:kernel-default-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Desktop 12:kernel-source-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-default-1-2.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-xen-1-2.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-man-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-devel-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server 12:kernel-macros-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server 12:kernel-source-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-xen-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.51-52.34.3.noarch",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.51-52.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Desktop 12:kernel-default-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Desktop 12:kernel-source-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-default-1-2.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-xen-1-2.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-default-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-default-man-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-devel-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server 12:kernel-macros-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server 12:kernel-source-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server 12:kernel-syms-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-xen-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.51-52.34.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.51-52.34.3.noarch",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.51-52.34.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.51-52.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-01-19T09:43:16Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-8575"
    }
  ]
}

SUSE-SU-2016:0335-1

Vulnerability from csaf_suse - Published: 2016-02-04 15:01 - Updated: 2016-02-04 15:01

Summary

Security update for kernel live patch SP1 0

Severity

Important

Notes

Title of the patch: Security update for kernel live patch SP1 0

Description of the patch: This kernel live patch for Linux Kernel 3.12.49-11.1 fixes security issues and bugs: Security issues fixed: - CVE-2015-8539: A negatively instantiated user key could have been used by a local user to leverage privileges (bnc#958601). - CVE-2015-6937: A NULL pointer dereference flaw was found in the Reliable Datagram Sockets (RDS) implementation allowing a local user to cause system DoS. A verification was missing that the underlying transport exists when a connection was created. (bsc#953052) - CVE-2015-7990: RDS: Verify the underlying transport exists before creating a connection, preventing possible DoS (bsc#953052). - CVE-2015-7872: Possible crash when trying to garbage collect an uninstantiated keyring (bsc#951542). Non-security bugfix were also done: - xfs: Fix lost direct IO write in the last block (bsc#954005).

Patchnames: SUSE-SLE-Live-Patching-12-2016-203

CVE-2015-2925

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-default-2-5.1.x86_64		—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-xen-2-5.1.x86_64		—	Vendor Fix

Threats

Impact moderate

CVE-2015-6937

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-default-2-5.1.x86_64		—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-xen-2-5.1.x86_64		—	Vendor Fix

Threats

Impact low

CVE-2015-7872

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-default-2-5.1.x86_64		—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-xen-2-5.1.x86_64		—	Vendor Fix

Threats

Impact moderate

CVE-2015-7990

5.8 (Medium)


                        
                          CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-default-2-5.1.x86_64		—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-xen-2-5.1.x86_64		—	Vendor Fix

Threats

Impact low

CVE-2015-8539

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-default-2-5.1.x86_64		—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-xen-2-5.1.x86_64		—	Vendor Fix

Threats

Impact important

References

40 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-security-upd…	self
https://bugzilla.suse.com/951542	self
https://bugzilla.suse.com/953052	self
https://bugzilla.suse.com/954005	self
https://bugzilla.suse.com/958601	self
https://www.suse.com/security/cve/CVE-2015-2925/	self
https://www.suse.com/security/cve/CVE-2015-6937/	self
https://www.suse.com/security/cve/CVE-2015-7872/	self
https://www.suse.com/security/cve/CVE-2015-7990/	self
https://www.suse.com/security/cve/CVE-2015-8539/	self
https://www.suse.com/security/cve/CVE-2015-2925	external
https://bugzilla.suse.com/926238	external
https://bugzilla.suse.com/951625	external
https://bugzilla.suse.com/951638	external
https://bugzilla.suse.com/963994	external
https://www.suse.com/security/cve/CVE-2015-6937	external
https://bugzilla.suse.com/1115893	external
https://bugzilla.suse.com/923755	external
https://bugzilla.suse.com/945825	external
https://bugzilla.suse.com/952384	external
https://bugzilla.suse.com/953052	external
https://bugzilla.suse.com/963994	external
https://www.suse.com/security/cve/CVE-2015-7872	external
https://bugzilla.suse.com/951440	external
https://bugzilla.suse.com/951542	external
https://bugzilla.suse.com/951638	external
https://bugzilla.suse.com/958463	external
https://bugzilla.suse.com/958601	external
https://www.suse.com/security/cve/CVE-2015-7990	external
https://bugzilla.suse.com/945825	external
https://bugzilla.suse.com/952384	external
https://bugzilla.suse.com/953052	external
https://www.suse.com/security/cve/CVE-2015-8539	external
https://bugzilla.suse.com/1115893	external
https://bugzilla.suse.com/781018	external
https://bugzilla.suse.com/958463	external
https://bugzilla.suse.com/958601	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for kernel live patch SP1 0",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "\nThis kernel live patch for Linux Kernel 3.12.49-11.1 fixes security issues and bugs:\n\nSecurity issues fixed:\n- CVE-2015-8539: A negatively instantiated user key could have been used\n  by a local user to leverage privileges (bnc#958601).\n\n- CVE-2015-6937: A NULL pointer dereference flaw was found in the Reliable\n  Datagram Sockets (RDS) implementation allowing a local user to cause\n  system DoS. A verification was missing that the underlying transport\n  exists when a connection was created. (bsc#953052)\n\n- CVE-2015-7990: RDS: Verify the underlying transport exists before\n  creating a connection, preventing possible DoS (bsc#953052).\n\n- CVE-2015-7872: Possible crash when trying to garbage collect an\n  uninstantiated keyring (bsc#951542).\n\nNon-security bugfix were also done:\n- xfs: Fix lost direct IO write in the last block (bsc#954005).\n  ",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-SLE-Live-Patching-12-2016-203",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_0335-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2016:0335-1",
        "url": "https://www.suse.com/support/update/announcement/2016/suse-su-20160335-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2016:0335-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2016-February/001843.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 951542",
        "url": "https://bugzilla.suse.com/951542"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 953052",
        "url": "https://bugzilla.suse.com/953052"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 954005",
        "url": "https://bugzilla.suse.com/954005"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 958601",
        "url": "https://bugzilla.suse.com/958601"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-2925 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-2925/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-6937 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-6937/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7872 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7872/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7990 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7990/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-8539 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-8539/"
      }
    ],
    "title": "Security update for kernel live patch SP1 0",
    "tracking": {
      "current_release_date": "2016-02-04T15:01:21Z",
      "generator": {
        "date": "2016-02-04T15:01:21Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2016:0335-1",
      "initial_release_date": "2016-02-04T15:01:21Z",
      "revision_history": [
        {
          "date": "2016-02-04T15:01:21Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kgraft-patch-3_12_49-11-default-2-5.1.x86_64",
                "product": {
                  "name": "kgraft-patch-3_12_49-11-default-2-5.1.x86_64",
                  "product_id": "kgraft-patch-3_12_49-11-default-2-5.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kgraft-patch-3_12_49-11-xen-2-5.1.x86_64",
                "product": {
                  "name": "kgraft-patch-3_12_49-11-xen-2-5.1.x86_64",
                  "product_id": "kgraft-patch-3_12_49-11-xen-2-5.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Live Patching 12",
                "product": {
                  "name": "SUSE Linux Enterprise Live Patching 12",
                  "product_id": "SUSE Linux Enterprise Live Patching 12",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-live-patching:12"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-3_12_49-11-default-2-5.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
          "product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-default-2-5.1.x86_64"
        },
        "product_reference": "kgraft-patch-3_12_49-11-default-2-5.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-3_12_49-11-xen-2-5.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
          "product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-xen-2-5.1.x86_64"
        },
        "product_reference": "kgraft-patch-3_12_49-11-xen-2-5.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2015-2925",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-2925"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The prepend_path function in fs/dcache.c in the Linux kernel before 4.2.4 does not properly handle rename actions inside a bind mount, which allows local users to bypass an intended container protection mechanism by renaming a directory, related to a \"double-chroot attack.\"",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-default-2-5.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-xen-2-5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-2925",
          "url": "https://www.suse.com/security/cve/CVE-2015-2925"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 926238 for CVE-2015-2925",
          "url": "https://bugzilla.suse.com/926238"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 951625 for CVE-2015-2925",
          "url": "https://bugzilla.suse.com/951625"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 951638 for CVE-2015-2925",
          "url": "https://bugzilla.suse.com/951638"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 963994 for CVE-2015-2925",
          "url": "https://bugzilla.suse.com/963994"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-default-2-5.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-xen-2-5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-02-04T15:01:21Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-2925"
    },
    {
      "cve": "CVE-2015-6937",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-6937"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The __rds_conn_create function in net/rds/connection.c in the Linux kernel through 4.2.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-default-2-5.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-xen-2-5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-6937",
          "url": "https://www.suse.com/security/cve/CVE-2015-6937"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2015-6937",
          "url": "https://bugzilla.suse.com/1115893"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 923755 for CVE-2015-6937",
          "url": "https://bugzilla.suse.com/923755"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 945825 for CVE-2015-6937",
          "url": "https://bugzilla.suse.com/945825"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 952384 for CVE-2015-6937",
          "url": "https://bugzilla.suse.com/952384"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 953052 for CVE-2015-6937",
          "url": "https://bugzilla.suse.com/953052"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 963994 for CVE-2015-6937",
          "url": "https://bugzilla.suse.com/963994"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-default-2-5.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-xen-2-5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-02-04T15:01:21Z",
          "details": "low"
        }
      ],
      "title": "CVE-2015-6937"
    },
    {
      "cve": "CVE-2015-7872",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7872"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 4.2.6 allows local users to cause a denial of service (OOPS) via crafted keyctl commands.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-default-2-5.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-xen-2-5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7872",
          "url": "https://www.suse.com/security/cve/CVE-2015-7872"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 951440 for CVE-2015-7872",
          "url": "https://bugzilla.suse.com/951440"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 951542 for CVE-2015-7872",
          "url": "https://bugzilla.suse.com/951542"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 951638 for CVE-2015-7872",
          "url": "https://bugzilla.suse.com/951638"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 958463 for CVE-2015-7872",
          "url": "https://bugzilla.suse.com/958463"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 958601 for CVE-2015-7872",
          "url": "https://bugzilla.suse.com/958601"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-default-2-5.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-xen-2-5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-02-04T15:01:21Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-7872"
    },
    {
      "cve": "CVE-2015-7990",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7990"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the Linux kernel before 4.3.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6937.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-default-2-5.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-xen-2-5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7990",
          "url": "https://www.suse.com/security/cve/CVE-2015-7990"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 945825 for CVE-2015-7990",
          "url": "https://bugzilla.suse.com/945825"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 952384 for CVE-2015-7990",
          "url": "https://bugzilla.suse.com/952384"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 953052 for CVE-2015-7990",
          "url": "https://bugzilla.suse.com/953052"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-default-2-5.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-xen-2-5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-default-2-5.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-xen-2-5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-02-04T15:01:21Z",
          "details": "low"
        }
      ],
      "title": "CVE-2015-7990"
    },
    {
      "cve": "CVE-2015-8539",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-8539"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (BUG) via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and security/keys/user_defined.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-default-2-5.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-xen-2-5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-8539",
          "url": "https://www.suse.com/security/cve/CVE-2015-8539"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2015-8539",
          "url": "https://bugzilla.suse.com/1115893"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 781018 for CVE-2015-8539",
          "url": "https://bugzilla.suse.com/781018"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 958463 for CVE-2015-8539",
          "url": "https://bugzilla.suse.com/958463"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 958601 for CVE-2015-8539",
          "url": "https://bugzilla.suse.com/958601"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-default-2-5.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-xen-2-5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-default-2-5.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-xen-2-5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-02-04T15:01:21Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-8539"
    }
  ]
}

SUSE-SU-2016:0336-1

Vulnerability from csaf_suse - Published: 2016-02-04 15:01 - Updated: 2016-02-04 15:01

Summary

Security update for kernel live patch 9

Severity

Important

Notes

Title of the patch: Security update for kernel live patch 9

Description of the patch: This kernel live patch for Linux Kernel 3.12.51-52.31.1 fixes a security issue: Security issues fixed: - CVE-2015-8539: A negatively instantiated user key could have been used by a local user to leverage privileges (bnc#958601).

Patchnames: SUSE-SLE-Live-Patching-12-2016-204

CVE-2015-8539

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_31-default-2-2.1.x86_64		—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_31-xen-2-2.1.x86_64		—	Vendor Fix

Threats

Impact important

References

11 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-security-upd…	self
https://bugzilla.suse.com/958601	self
https://www.suse.com/security/cve/CVE-2015-8539/	self
https://www.suse.com/security/cve/CVE-2015-8539	external
https://bugzilla.suse.com/1115893	external
https://bugzilla.suse.com/781018	external
https://bugzilla.suse.com/958463	external
https://bugzilla.suse.com/958601	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for kernel live patch 9",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "\nThis kernel live patch for Linux Kernel 3.12.51-52.31.1 fixes a security issue:\n\nSecurity issues fixed:\n- CVE-2015-8539: A negatively instantiated user key could have been used\n  by a local user to leverage privileges (bnc#958601).\n  ",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-SLE-Live-Patching-12-2016-204",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_0336-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2016:0336-1",
        "url": "https://www.suse.com/support/update/announcement/2016/suse-su-20160336-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2016:0336-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2016-February/001844.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 958601",
        "url": "https://bugzilla.suse.com/958601"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-8539 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-8539/"
      }
    ],
    "title": "Security update for kernel live patch 9",
    "tracking": {
      "current_release_date": "2016-02-04T15:01:31Z",
      "generator": {
        "date": "2016-02-04T15:01:31Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2016:0336-1",
      "initial_release_date": "2016-02-04T15:01:31Z",
      "revision_history": [
        {
          "date": "2016-02-04T15:01:31Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kgraft-patch-3_12_51-52_31-default-2-2.1.x86_64",
                "product": {
                  "name": "kgraft-patch-3_12_51-52_31-default-2-2.1.x86_64",
                  "product_id": "kgraft-patch-3_12_51-52_31-default-2-2.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kgraft-patch-3_12_51-52_31-xen-2-2.1.x86_64",
                "product": {
                  "name": "kgraft-patch-3_12_51-52_31-xen-2-2.1.x86_64",
                  "product_id": "kgraft-patch-3_12_51-52_31-xen-2-2.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Live Patching 12",
                "product": {
                  "name": "SUSE Linux Enterprise Live Patching 12",
                  "product_id": "SUSE Linux Enterprise Live Patching 12",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-live-patching:12"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-3_12_51-52_31-default-2-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
          "product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_31-default-2-2.1.x86_64"
        },
        "product_reference": "kgraft-patch-3_12_51-52_31-default-2-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-3_12_51-52_31-xen-2-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
          "product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_31-xen-2-2.1.x86_64"
        },
        "product_reference": "kgraft-patch-3_12_51-52_31-xen-2-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2015-8539",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-8539"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (BUG) via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and security/keys/user_defined.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_31-default-2-2.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_31-xen-2-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-8539",
          "url": "https://www.suse.com/security/cve/CVE-2015-8539"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2015-8539",
          "url": "https://bugzilla.suse.com/1115893"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 781018 for CVE-2015-8539",
          "url": "https://bugzilla.suse.com/781018"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 958463 for CVE-2015-8539",
          "url": "https://bugzilla.suse.com/958463"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 958601 for CVE-2015-8539",
          "url": "https://bugzilla.suse.com/958601"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_31-default-2-2.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_31-xen-2-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_31-default-2-2.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_31-xen-2-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-02-04T15:01:31Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-8539"
    }
  ]
}

SUSE-SU-2016:0337-1

Vulnerability from csaf_suse - Published: 2016-02-04 15:01 - Updated: 2016-02-04 15:01

Summary

Security update for kernel live patch 8

Severity

Important

Notes

Title of the patch: Security update for kernel live patch 8

Description of the patch: This kernel live patch for Linux Kernel 3.12.48-52.27.1 fixes security issues and bugs: Security issues fixed: - CVE-2015-8539: A negatively instantiated user key could have been used by a local user to leverage privileges (bnc#958601). - CVE-2015-6937: A NULL pointer dereference flaw was found in the Reliable Datagram Sockets (RDS) implementation allowing a local user to cause system DoS. A verification was missing that the underlying transport exists when a connection was created. (bsc#953052) - CVE-2015-7990: RDS: Verify the underlying transport exists before creating a connection, preventing possible DoS (bsc#953052). - CVE-2015-7872: Possible crash when trying to garbage collect an uninstantiated keyring (bsc#951542). - CVE-2015-2925: The prepend_path function in fs/dcache.c in the Linux kernel did not properly handle rename actions inside a bind mount, which allowed local users to bypass an intended container protection mechanism by renaming a directory, related to a 'double-chroot attack (bnc#951625). Non-security bugfix were also done: - xfs: Fix lost direct IO write in the last block (bsc#954005). - simple fix in kallsyms initialization (bsc#940342 bsc#916225)

Patchnames: SUSE-SLE-Live-Patching-12-2016-206

CVE-2015-2925

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-default-2-2.1.x86_64		—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-xen-2-2.1.x86_64		—	Vendor Fix

Threats

Impact moderate

CVE-2015-6937

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-default-2-2.1.x86_64		—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-xen-2-2.1.x86_64		—	Vendor Fix

Threats

Impact low

CVE-2015-7872

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-default-2-2.1.x86_64		—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-xen-2-2.1.x86_64		—	Vendor Fix

Threats

Impact moderate

CVE-2015-7990

5.8 (Medium)


                        
                          CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-default-2-2.1.x86_64		—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-xen-2-2.1.x86_64		—	Vendor Fix

Threats

Impact low

CVE-2015-8539

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-default-2-2.1.x86_64		—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-xen-2-2.1.x86_64		—	Vendor Fix

Threats

Impact important

References

43 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-security-upd…	self
https://bugzilla.suse.com/916225	self
https://bugzilla.suse.com/940342	self
https://bugzilla.suse.com/951542	self
https://bugzilla.suse.com/951625	self
https://bugzilla.suse.com/953052	self
https://bugzilla.suse.com/954005	self
https://bugzilla.suse.com/958601	self
https://www.suse.com/security/cve/CVE-2015-2925/	self
https://www.suse.com/security/cve/CVE-2015-6937/	self
https://www.suse.com/security/cve/CVE-2015-7872/	self
https://www.suse.com/security/cve/CVE-2015-7990/	self
https://www.suse.com/security/cve/CVE-2015-8539/	self
https://www.suse.com/security/cve/CVE-2015-2925	external
https://bugzilla.suse.com/926238	external
https://bugzilla.suse.com/951625	external
https://bugzilla.suse.com/951638	external
https://bugzilla.suse.com/963994	external
https://www.suse.com/security/cve/CVE-2015-6937	external
https://bugzilla.suse.com/1115893	external
https://bugzilla.suse.com/923755	external
https://bugzilla.suse.com/945825	external
https://bugzilla.suse.com/952384	external
https://bugzilla.suse.com/953052	external
https://bugzilla.suse.com/963994	external
https://www.suse.com/security/cve/CVE-2015-7872	external
https://bugzilla.suse.com/951440	external
https://bugzilla.suse.com/951542	external
https://bugzilla.suse.com/951638	external
https://bugzilla.suse.com/958463	external
https://bugzilla.suse.com/958601	external
https://www.suse.com/security/cve/CVE-2015-7990	external
https://bugzilla.suse.com/945825	external
https://bugzilla.suse.com/952384	external
https://bugzilla.suse.com/953052	external
https://www.suse.com/security/cve/CVE-2015-8539	external
https://bugzilla.suse.com/1115893	external
https://bugzilla.suse.com/781018	external
https://bugzilla.suse.com/958463	external
https://bugzilla.suse.com/958601	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for kernel live patch 8",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "\nThis kernel live patch for Linux Kernel 3.12.48-52.27.1 fixes security issues and bugs:\n\nSecurity issues fixed:\n- CVE-2015-8539: A negatively instantiated user key could have been used\n  by a local user to leverage privileges (bnc#958601).\n\n- CVE-2015-6937: A NULL pointer dereference flaw was found in the Reliable\n  Datagram Sockets (RDS) implementation allowing a local user to cause\n  system DoS. A verification was missing that the underlying transport\n  exists when a connection was created. (bsc#953052)\n\n- CVE-2015-7990: RDS: Verify the underlying transport exists before\n  creating a connection, preventing possible DoS (bsc#953052).\n\n- CVE-2015-7872: Possible crash when trying to garbage collect an\n  uninstantiated keyring (bsc#951542).\n\n- CVE-2015-2925: The prepend_path function in fs/dcache.c in the Linux\n  kernel did not properly handle rename actions inside a bind mount, which\n  allowed local users to bypass an intended container protection mechanism\n  by renaming a directory, related to a \u0027double-chroot attack (bnc#951625).\n\nNon-security bugfix were also done:\n- xfs: Fix lost direct IO write in the last block (bsc#954005).\n- simple fix in kallsyms initialization (bsc#940342 bsc#916225)\n  ",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-SLE-Live-Patching-12-2016-206",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_0337-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2016:0337-1",
        "url": "https://www.suse.com/support/update/announcement/2016/suse-su-20160337-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2016:0337-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2016-February/001845.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 916225",
        "url": "https://bugzilla.suse.com/916225"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 940342",
        "url": "https://bugzilla.suse.com/940342"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 951542",
        "url": "https://bugzilla.suse.com/951542"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 951625",
        "url": "https://bugzilla.suse.com/951625"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 953052",
        "url": "https://bugzilla.suse.com/953052"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 954005",
        "url": "https://bugzilla.suse.com/954005"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 958601",
        "url": "https://bugzilla.suse.com/958601"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-2925 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-2925/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-6937 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-6937/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7872 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7872/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7990 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7990/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-8539 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-8539/"
      }
    ],
    "title": "Security update for kernel live patch 8",
    "tracking": {
      "current_release_date": "2016-02-04T15:01:47Z",
      "generator": {
        "date": "2016-02-04T15:01:47Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2016:0337-1",
      "initial_release_date": "2016-02-04T15:01:47Z",
      "revision_history": [
        {
          "date": "2016-02-04T15:01:47Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kgraft-patch-3_12_48-52_27-default-2-2.1.x86_64",
                "product": {
                  "name": "kgraft-patch-3_12_48-52_27-default-2-2.1.x86_64",
                  "product_id": "kgraft-patch-3_12_48-52_27-default-2-2.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kgraft-patch-3_12_48-52_27-xen-2-2.1.x86_64",
                "product": {
                  "name": "kgraft-patch-3_12_48-52_27-xen-2-2.1.x86_64",
                  "product_id": "kgraft-patch-3_12_48-52_27-xen-2-2.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Live Patching 12",
                "product": {
                  "name": "SUSE Linux Enterprise Live Patching 12",
                  "product_id": "SUSE Linux Enterprise Live Patching 12",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-live-patching:12"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-3_12_48-52_27-default-2-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
          "product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-default-2-2.1.x86_64"
        },
        "product_reference": "kgraft-patch-3_12_48-52_27-default-2-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-3_12_48-52_27-xen-2-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
          "product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-xen-2-2.1.x86_64"
        },
        "product_reference": "kgraft-patch-3_12_48-52_27-xen-2-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2015-2925",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-2925"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The prepend_path function in fs/dcache.c in the Linux kernel before 4.2.4 does not properly handle rename actions inside a bind mount, which allows local users to bypass an intended container protection mechanism by renaming a directory, related to a \"double-chroot attack.\"",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-default-2-2.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-xen-2-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-2925",
          "url": "https://www.suse.com/security/cve/CVE-2015-2925"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 926238 for CVE-2015-2925",
          "url": "https://bugzilla.suse.com/926238"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 951625 for CVE-2015-2925",
          "url": "https://bugzilla.suse.com/951625"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 951638 for CVE-2015-2925",
          "url": "https://bugzilla.suse.com/951638"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 963994 for CVE-2015-2925",
          "url": "https://bugzilla.suse.com/963994"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-default-2-2.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-xen-2-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-02-04T15:01:47Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-2925"
    },
    {
      "cve": "CVE-2015-6937",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-6937"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The __rds_conn_create function in net/rds/connection.c in the Linux kernel through 4.2.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-default-2-2.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-xen-2-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-6937",
          "url": "https://www.suse.com/security/cve/CVE-2015-6937"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2015-6937",
          "url": "https://bugzilla.suse.com/1115893"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 923755 for CVE-2015-6937",
          "url": "https://bugzilla.suse.com/923755"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 945825 for CVE-2015-6937",
          "url": "https://bugzilla.suse.com/945825"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 952384 for CVE-2015-6937",
          "url": "https://bugzilla.suse.com/952384"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 953052 for CVE-2015-6937",
          "url": "https://bugzilla.suse.com/953052"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 963994 for CVE-2015-6937",
          "url": "https://bugzilla.suse.com/963994"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-default-2-2.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-xen-2-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-02-04T15:01:47Z",
          "details": "low"
        }
      ],
      "title": "CVE-2015-6937"
    },
    {
      "cve": "CVE-2015-7872",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7872"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 4.2.6 allows local users to cause a denial of service (OOPS) via crafted keyctl commands.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-default-2-2.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-xen-2-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7872",
          "url": "https://www.suse.com/security/cve/CVE-2015-7872"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 951440 for CVE-2015-7872",
          "url": "https://bugzilla.suse.com/951440"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 951542 for CVE-2015-7872",
          "url": "https://bugzilla.suse.com/951542"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 951638 for CVE-2015-7872",
          "url": "https://bugzilla.suse.com/951638"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 958463 for CVE-2015-7872",
          "url": "https://bugzilla.suse.com/958463"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 958601 for CVE-2015-7872",
          "url": "https://bugzilla.suse.com/958601"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-default-2-2.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-xen-2-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-02-04T15:01:47Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-7872"
    },
    {
      "cve": "CVE-2015-7990",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7990"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the Linux kernel before 4.3.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6937.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-default-2-2.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-xen-2-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7990",
          "url": "https://www.suse.com/security/cve/CVE-2015-7990"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 945825 for CVE-2015-7990",
          "url": "https://bugzilla.suse.com/945825"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 952384 for CVE-2015-7990",
          "url": "https://bugzilla.suse.com/952384"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 953052 for CVE-2015-7990",
          "url": "https://bugzilla.suse.com/953052"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-default-2-2.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-xen-2-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-default-2-2.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-xen-2-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-02-04T15:01:47Z",
          "details": "low"
        }
      ],
      "title": "CVE-2015-7990"
    },
    {
      "cve": "CVE-2015-8539",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-8539"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (BUG) via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and security/keys/user_defined.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-default-2-2.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-xen-2-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-8539",
          "url": "https://www.suse.com/security/cve/CVE-2015-8539"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2015-8539",
          "url": "https://bugzilla.suse.com/1115893"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 781018 for CVE-2015-8539",
          "url": "https://bugzilla.suse.com/781018"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 958463 for CVE-2015-8539",
          "url": "https://bugzilla.suse.com/958463"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 958601 for CVE-2015-8539",
          "url": "https://bugzilla.suse.com/958601"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-default-2-2.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-xen-2-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-default-2-2.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-xen-2-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-02-04T15:01:47Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-8539"
    }
  ]
}

SUSE-SU-2016:0339-1

Vulnerability from csaf_suse - Published: 2016-02-04 15:01 - Updated: 2016-02-04 15:01

Summary

Security update for kernel live patch SP1 1

Severity

Important

Notes

Title of the patch: Security update for kernel live patch SP1 1

Description of the patch: This kernel live patch for Linux Kernel 3.12.51-60.20.1 fixes security issues and bugs: Security issues fixed: - CVE-2015-8539: A negatively instantiated user key could have been used by a local user to leverage privileges (bnc#958601).

Patchnames: SUSE-SLE-Live-Patching-12-2016-205

CVE-2015-8539

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_20-default-2-2.1.x86_64		—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_20-xen-2-2.1.x86_64		—	Vendor Fix

Threats

Impact important

References

11 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-security-upd…	self
https://bugzilla.suse.com/958601	self
https://www.suse.com/security/cve/CVE-2015-8539/	self
https://www.suse.com/security/cve/CVE-2015-8539	external
https://bugzilla.suse.com/1115893	external
https://bugzilla.suse.com/781018	external
https://bugzilla.suse.com/958463	external
https://bugzilla.suse.com/958601	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for kernel live patch SP1 1",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "\nThis kernel live patch for Linux Kernel 3.12.51-60.20.1 fixes security issues and bugs:\n\nSecurity issues fixed:\n- CVE-2015-8539: A negatively instantiated user key could have been used\n  by a local user to leverage privileges (bnc#958601).\n  ",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-SLE-Live-Patching-12-2016-205",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_0339-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2016:0339-1",
        "url": "https://www.suse.com/support/update/announcement/2016/suse-su-20160339-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2016:0339-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2016-February/001847.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 958601",
        "url": "https://bugzilla.suse.com/958601"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-8539 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-8539/"
      }
    ],
    "title": "Security update for kernel live patch SP1 1",
    "tracking": {
      "current_release_date": "2016-02-04T15:01:40Z",
      "generator": {
        "date": "2016-02-04T15:01:40Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2016:0339-1",
      "initial_release_date": "2016-02-04T15:01:40Z",
      "revision_history": [
        {
          "date": "2016-02-04T15:01:40Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kgraft-patch-3_12_51-60_20-default-2-2.1.x86_64",
                "product": {
                  "name": "kgraft-patch-3_12_51-60_20-default-2-2.1.x86_64",
                  "product_id": "kgraft-patch-3_12_51-60_20-default-2-2.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kgraft-patch-3_12_51-60_20-xen-2-2.1.x86_64",
                "product": {
                  "name": "kgraft-patch-3_12_51-60_20-xen-2-2.1.x86_64",
                  "product_id": "kgraft-patch-3_12_51-60_20-xen-2-2.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Live Patching 12",
                "product": {
                  "name": "SUSE Linux Enterprise Live Patching 12",
                  "product_id": "SUSE Linux Enterprise Live Patching 12",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-live-patching:12"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-3_12_51-60_20-default-2-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
          "product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_20-default-2-2.1.x86_64"
        },
        "product_reference": "kgraft-patch-3_12_51-60_20-default-2-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-3_12_51-60_20-xen-2-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
          "product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_20-xen-2-2.1.x86_64"
        },
        "product_reference": "kgraft-patch-3_12_51-60_20-xen-2-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2015-8539",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-8539"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (BUG) via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and security/keys/user_defined.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_20-default-2-2.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_20-xen-2-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-8539",
          "url": "https://www.suse.com/security/cve/CVE-2015-8539"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2015-8539",
          "url": "https://bugzilla.suse.com/1115893"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 781018 for CVE-2015-8539",
          "url": "https://bugzilla.suse.com/781018"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 958463 for CVE-2015-8539",
          "url": "https://bugzilla.suse.com/958463"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 958601 for CVE-2015-8539",
          "url": "https://bugzilla.suse.com/958601"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_20-default-2-2.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_20-xen-2-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_20-default-2-2.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_20-xen-2-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-02-04T15:01:40Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-8539"
    }
  ]
}

SUSE-SU-2016:0380-1

Vulnerability from csaf_suse - Published: 2016-02-08 13:45 - Updated: 2016-02-08 13:45

Summary

Security update for kernel live patch 3

Severity

Important

Notes

Title of the patch: Security update for kernel live patch 3

Description of the patch: This kernel live patch for Linux Kernel 3.12.38-44.1 fixes security issues and bugs: Security issues fixed: - CVE-2015-8539: A negatively instantiated user key could have been used by a local user to leverage privileges (bnc#958601). - CVE-2015-6937: A NULL pointer dereference flaw was found in the Reliable Datagram Sockets (RDS) implementation allowing a local user to cause system DoS. A verification was missing that the underlying transport exists when a connection was created. (bsc#953052) - CVE-2015-7990: RDS: Verify the underlying transport exists before creating a connection, preventing possible DoS (bsc#953052). - CVE-2015-7872: Possible crash when trying to garbage collect an uninstantiated keyring (bsc#951542). - CVE-2015-2925: The prepend_path function in fs/dcache.c in the Linux kernel did not properly handle rename actions inside a bind mount, which allowed local users to bypass an intended container protection mechanism by renaming a directory, related to a 'double-chroot attack (bnc#951625). Non-security bugfix were also done: - xfs: Fix lost direct IO write in the last block (bsc#954005). - simple fix in kallsyms initialization (bsc#940342 bsc#916225)

Patchnames: SUSE-SLE-Live-Patching-12-2016-221

CVE-2015-2925

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_38-44-default-4-2.1.x86_64		—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_38-44-xen-4-2.1.x86_64		—	Vendor Fix

Threats

Impact moderate

CVE-2015-6937

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_38-44-default-4-2.1.x86_64		—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_38-44-xen-4-2.1.x86_64		—	Vendor Fix

Threats

Impact low

CVE-2015-7872

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_38-44-default-4-2.1.x86_64		—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_38-44-xen-4-2.1.x86_64		—	Vendor Fix

Threats

Impact moderate

CVE-2015-7990

5.8 (Medium)


                        
                          CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_38-44-default-4-2.1.x86_64		—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_38-44-xen-4-2.1.x86_64		—	Vendor Fix

Threats

Impact low

CVE-2015-8539

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_38-44-default-4-2.1.x86_64		—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_38-44-xen-4-2.1.x86_64		—	Vendor Fix

Threats

Impact important

References

43 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-security-upd…	self
https://bugzilla.suse.com/916225	self
https://bugzilla.suse.com/940342	self
https://bugzilla.suse.com/951542	self
https://bugzilla.suse.com/951625	self
https://bugzilla.suse.com/953052	self
https://bugzilla.suse.com/954005	self
https://bugzilla.suse.com/958601	self
https://www.suse.com/security/cve/CVE-2015-2925/	self
https://www.suse.com/security/cve/CVE-2015-6937/	self
https://www.suse.com/security/cve/CVE-2015-7872/	self
https://www.suse.com/security/cve/CVE-2015-7990/	self
https://www.suse.com/security/cve/CVE-2015-8539/	self
https://www.suse.com/security/cve/CVE-2015-2925	external
https://bugzilla.suse.com/926238	external
https://bugzilla.suse.com/951625	external
https://bugzilla.suse.com/951638	external
https://bugzilla.suse.com/963994	external
https://www.suse.com/security/cve/CVE-2015-6937	external
https://bugzilla.suse.com/1115893	external
https://bugzilla.suse.com/923755	external
https://bugzilla.suse.com/945825	external
https://bugzilla.suse.com/952384	external
https://bugzilla.suse.com/953052	external
https://bugzilla.suse.com/963994	external
https://www.suse.com/security/cve/CVE-2015-7872	external
https://bugzilla.suse.com/951440	external
https://bugzilla.suse.com/951542	external
https://bugzilla.suse.com/951638	external
https://bugzilla.suse.com/958463	external
https://bugzilla.suse.com/958601	external
https://www.suse.com/security/cve/CVE-2015-7990	external
https://bugzilla.suse.com/945825	external
https://bugzilla.suse.com/952384	external
https://bugzilla.suse.com/953052	external
https://www.suse.com/security/cve/CVE-2015-8539	external
https://bugzilla.suse.com/1115893	external
https://bugzilla.suse.com/781018	external
https://bugzilla.suse.com/958463	external
https://bugzilla.suse.com/958601	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for kernel live patch 3",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "\nThis kernel live patch for Linux Kernel 3.12.38-44.1 fixes security issues and bugs:\n\nSecurity issues fixed:\n- CVE-2015-8539: A negatively instantiated user key could have been used\n  by a local user to leverage privileges (bnc#958601).\n\n- CVE-2015-6937: A NULL pointer dereference flaw was found in the Reliable\n  Datagram Sockets (RDS) implementation allowing a local user to cause\n  system DoS. A verification was missing that the underlying transport\n  exists when a connection was created. (bsc#953052)\n\n- CVE-2015-7990: RDS: Verify the underlying transport exists before\n  creating a connection, preventing possible DoS (bsc#953052).\n\n- CVE-2015-7872: Possible crash when trying to garbage collect an\n  uninstantiated keyring (bsc#951542).\n\n- CVE-2015-2925: The prepend_path function in fs/dcache.c in the Linux\n  kernel did not properly handle rename actions inside a bind mount, which\n  allowed local users to bypass an intended container protection mechanism\n  by renaming a directory, related to a \u0027double-chroot attack (bnc#951625).\n\nNon-security bugfix were also done:\n- xfs: Fix lost direct IO write in the last block (bsc#954005).\n- simple fix in kallsyms initialization (bsc#940342 bsc#916225)\n  ",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-SLE-Live-Patching-12-2016-221",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_0380-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2016:0380-1",
        "url": "https://www.suse.com/support/update/announcement/2016/suse-su-20160380-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2016:0380-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2016-February/001856.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 916225",
        "url": "https://bugzilla.suse.com/916225"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 940342",
        "url": "https://bugzilla.suse.com/940342"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 951542",
        "url": "https://bugzilla.suse.com/951542"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 951625",
        "url": "https://bugzilla.suse.com/951625"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 953052",
        "url": "https://bugzilla.suse.com/953052"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 954005",
        "url": "https://bugzilla.suse.com/954005"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 958601",
        "url": "https://bugzilla.suse.com/958601"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-2925 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-2925/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-6937 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-6937/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7872 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7872/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7990 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7990/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-8539 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-8539/"
      }
    ],
    "title": "Security update for kernel live patch 3",
    "tracking": {
      "current_release_date": "2016-02-08T13:45:58Z",
      "generator": {
        "date": "2016-02-08T13:45:58Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2016:0380-1",
      "initial_release_date": "2016-02-08T13:45:58Z",
      "revision_history": [
        {
          "date": "2016-02-08T13:45:58Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kgraft-patch-3_12_38-44-default-4-2.1.x86_64",
                "product": {
                  "name": "kgraft-patch-3_12_38-44-default-4-2.1.x86_64",
                  "product_id": "kgraft-patch-3_12_38-44-default-4-2.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kgraft-patch-3_12_38-44-xen-4-2.1.x86_64",
                "product": {
                  "name": "kgraft-patch-3_12_38-44-xen-4-2.1.x86_64",
                  "product_id": "kgraft-patch-3_12_38-44-xen-4-2.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Live Patching 12",
                "product": {
                  "name": "SUSE Linux Enterprise Live Patching 12",
                  "product_id": "SUSE Linux Enterprise Live Patching 12",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-live-patching:12"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-3_12_38-44-default-4-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
          "product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_38-44-default-4-2.1.x86_64"
        },
        "product_reference": "kgraft-patch-3_12_38-44-default-4-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-3_12_38-44-xen-4-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
          "product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_38-44-xen-4-2.1.x86_64"
        },
        "product_reference": "kgraft-patch-3_12_38-44-xen-4-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2015-2925",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-2925"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The prepend_path function in fs/dcache.c in the Linux kernel before 4.2.4 does not properly handle rename actions inside a bind mount, which allows local users to bypass an intended container protection mechanism by renaming a directory, related to a \"double-chroot attack.\"",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_38-44-default-4-2.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_38-44-xen-4-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-2925",
          "url": "https://www.suse.com/security/cve/CVE-2015-2925"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 926238 for CVE-2015-2925",
          "url": "https://bugzilla.suse.com/926238"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 951625 for CVE-2015-2925",
          "url": "https://bugzilla.suse.com/951625"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 951638 for CVE-2015-2925",
          "url": "https://bugzilla.suse.com/951638"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 963994 for CVE-2015-2925",
          "url": "https://bugzilla.suse.com/963994"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_38-44-default-4-2.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_38-44-xen-4-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-02-08T13:45:58Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-2925"
    },
    {
      "cve": "CVE-2015-6937",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-6937"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The __rds_conn_create function in net/rds/connection.c in the Linux kernel through 4.2.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_38-44-default-4-2.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_38-44-xen-4-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-6937",
          "url": "https://www.suse.com/security/cve/CVE-2015-6937"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2015-6937",
          "url": "https://bugzilla.suse.com/1115893"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 923755 for CVE-2015-6937",
          "url": "https://bugzilla.suse.com/923755"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 945825 for CVE-2015-6937",
          "url": "https://bugzilla.suse.com/945825"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 952384 for CVE-2015-6937",
          "url": "https://bugzilla.suse.com/952384"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 953052 for CVE-2015-6937",
          "url": "https://bugzilla.suse.com/953052"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 963994 for CVE-2015-6937",
          "url": "https://bugzilla.suse.com/963994"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_38-44-default-4-2.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_38-44-xen-4-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-02-08T13:45:58Z",
          "details": "low"
        }
      ],
      "title": "CVE-2015-6937"
    },
    {
      "cve": "CVE-2015-7872",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7872"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 4.2.6 allows local users to cause a denial of service (OOPS) via crafted keyctl commands.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_38-44-default-4-2.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_38-44-xen-4-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7872",
          "url": "https://www.suse.com/security/cve/CVE-2015-7872"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 951440 for CVE-2015-7872",
          "url": "https://bugzilla.suse.com/951440"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 951542 for CVE-2015-7872",
          "url": "https://bugzilla.suse.com/951542"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 951638 for CVE-2015-7872",
          "url": "https://bugzilla.suse.com/951638"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 958463 for CVE-2015-7872",
          "url": "https://bugzilla.suse.com/958463"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 958601 for CVE-2015-7872",
          "url": "https://bugzilla.suse.com/958601"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_38-44-default-4-2.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_38-44-xen-4-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-02-08T13:45:58Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-7872"
    },
    {
      "cve": "CVE-2015-7990",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7990"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the Linux kernel before 4.3.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6937.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_38-44-default-4-2.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_38-44-xen-4-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7990",
          "url": "https://www.suse.com/security/cve/CVE-2015-7990"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 945825 for CVE-2015-7990",
          "url": "https://bugzilla.suse.com/945825"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 952384 for CVE-2015-7990",
          "url": "https://bugzilla.suse.com/952384"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 953052 for CVE-2015-7990",
          "url": "https://bugzilla.suse.com/953052"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_38-44-default-4-2.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_38-44-xen-4-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_38-44-default-4-2.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_38-44-xen-4-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-02-08T13:45:58Z",
          "details": "low"
        }
      ],
      "title": "CVE-2015-7990"
    },
    {
      "cve": "CVE-2015-8539",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-8539"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (BUG) via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and security/keys/user_defined.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_38-44-default-4-2.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_38-44-xen-4-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-8539",
          "url": "https://www.suse.com/security/cve/CVE-2015-8539"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2015-8539",
          "url": "https://bugzilla.suse.com/1115893"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 781018 for CVE-2015-8539",
          "url": "https://bugzilla.suse.com/781018"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 958463 for CVE-2015-8539",
          "url": "https://bugzilla.suse.com/958463"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 958601 for CVE-2015-8539",
          "url": "https://bugzilla.suse.com/958601"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_38-44-default-4-2.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_38-44-xen-4-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_38-44-default-4-2.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_38-44-xen-4-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-02-08T13:45:58Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-8539"
    }
  ]
}

SUSE-SU-2016:0381-1

Vulnerability from csaf_suse - Published: 2016-02-08 13:45 - Updated: 2016-02-08 13:45

Summary

Security update for kernel live patch 4

Severity

Important

Notes

Title of the patch: Security update for kernel live patch 4

Description of the patch: This kernel live patch for Linux Kernel 3.12.39-47.1 fixes security issues and bugs: Security issues fixed: - CVE-2015-8539: A negatively instantiated user key could have been used by a local user to leverage privileges (bnc#958601). - CVE-2015-6937: A NULL pointer dereference flaw was found in the Reliable Datagram Sockets (RDS) implementation allowing a local user to cause system DoS. A verification was missing that the underlying transport exists when a connection was created. (bsc#953052) - CVE-2015-7990: RDS: Verify the underlying transport exists before creating a connection, preventing possible DoS (bsc#953052). - CVE-2015-7872: Possible crash when trying to garbage collect an uninstantiated keyring (bsc#951542). - CVE-2015-2925: The prepend_path function in fs/dcache.c in the Linux kernel did not properly handle rename actions inside a bind mount, which allowed local users to bypass an intended container protection mechanism by renaming a directory, related to a 'double-chroot attack (bnc#951625). Non-security bugfix were also done: - xfs: Fix lost direct IO write in the last block (bsc#954005). - simple fix in kallsyms initialization (bsc#940342 bsc#916225)

Patchnames: SUSE-SLE-Live-Patching-12-2016-220

CVE-2015-2925

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-default-4-2.1.x86_64		—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-xen-4-2.1.x86_64		—	Vendor Fix

Threats

Impact moderate

CVE-2015-6937

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-default-4-2.1.x86_64		—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-xen-4-2.1.x86_64		—	Vendor Fix

Threats

Impact low

CVE-2015-7872

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-default-4-2.1.x86_64		—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-xen-4-2.1.x86_64		—	Vendor Fix

Threats

Impact moderate

CVE-2015-7990

5.8 (Medium)


                        
                          CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-default-4-2.1.x86_64		—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-xen-4-2.1.x86_64		—	Vendor Fix

Threats

Impact low

CVE-2015-8539

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-default-4-2.1.x86_64		—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-xen-4-2.1.x86_64		—	Vendor Fix

Threats

Impact important

References

43 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-security-upd…	self
https://bugzilla.suse.com/916225	self
https://bugzilla.suse.com/940342	self
https://bugzilla.suse.com/951542	self
https://bugzilla.suse.com/951625	self
https://bugzilla.suse.com/953052	self
https://bugzilla.suse.com/954005	self
https://bugzilla.suse.com/958601	self
https://www.suse.com/security/cve/CVE-2015-2925/	self
https://www.suse.com/security/cve/CVE-2015-6937/	self
https://www.suse.com/security/cve/CVE-2015-7872/	self
https://www.suse.com/security/cve/CVE-2015-7990/	self
https://www.suse.com/security/cve/CVE-2015-8539/	self
https://www.suse.com/security/cve/CVE-2015-2925	external
https://bugzilla.suse.com/926238	external
https://bugzilla.suse.com/951625	external
https://bugzilla.suse.com/951638	external
https://bugzilla.suse.com/963994	external
https://www.suse.com/security/cve/CVE-2015-6937	external
https://bugzilla.suse.com/1115893	external
https://bugzilla.suse.com/923755	external
https://bugzilla.suse.com/945825	external
https://bugzilla.suse.com/952384	external
https://bugzilla.suse.com/953052	external
https://bugzilla.suse.com/963994	external
https://www.suse.com/security/cve/CVE-2015-7872	external
https://bugzilla.suse.com/951440	external
https://bugzilla.suse.com/951542	external
https://bugzilla.suse.com/951638	external
https://bugzilla.suse.com/958463	external
https://bugzilla.suse.com/958601	external
https://www.suse.com/security/cve/CVE-2015-7990	external
https://bugzilla.suse.com/945825	external
https://bugzilla.suse.com/952384	external
https://bugzilla.suse.com/953052	external
https://www.suse.com/security/cve/CVE-2015-8539	external
https://bugzilla.suse.com/1115893	external
https://bugzilla.suse.com/781018	external
https://bugzilla.suse.com/958463	external
https://bugzilla.suse.com/958601	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for kernel live patch 4",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "\nThis kernel live patch for Linux Kernel 3.12.39-47.1 fixes security issues and bugs:\n\nSecurity issues fixed:\n- CVE-2015-8539: A negatively instantiated user key could have been used\n  by a local user to leverage privileges (bnc#958601).\n\n- CVE-2015-6937: A NULL pointer dereference flaw was found in the Reliable\n  Datagram Sockets (RDS) implementation allowing a local user to cause\n  system DoS. A verification was missing that the underlying transport\n  exists when a connection was created. (bsc#953052)\n\n- CVE-2015-7990: RDS: Verify the underlying transport exists before\n  creating a connection, preventing possible DoS (bsc#953052).\n\n- CVE-2015-7872: Possible crash when trying to garbage collect an\n  uninstantiated keyring (bsc#951542).\n\n- CVE-2015-2925: The prepend_path function in fs/dcache.c in the Linux\n  kernel did not properly handle rename actions inside a bind mount, which\n  allowed local users to bypass an intended container protection mechanism\n  by renaming a directory, related to a \u0027double-chroot attack (bnc#951625).\n\nNon-security bugfix were also done:\n- xfs: Fix lost direct IO write in the last block (bsc#954005).\n- simple fix in kallsyms initialization (bsc#940342 bsc#916225)\n  ",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-SLE-Live-Patching-12-2016-220",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_0381-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2016:0381-1",
        "url": "https://www.suse.com/support/update/announcement/2016/suse-su-20160381-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2016:0381-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2016-February/001857.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 916225",
        "url": "https://bugzilla.suse.com/916225"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 940342",
        "url": "https://bugzilla.suse.com/940342"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 951542",
        "url": "https://bugzilla.suse.com/951542"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 951625",
        "url": "https://bugzilla.suse.com/951625"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 953052",
        "url": "https://bugzilla.suse.com/953052"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 954005",
        "url": "https://bugzilla.suse.com/954005"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 958601",
        "url": "https://bugzilla.suse.com/958601"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-2925 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-2925/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-6937 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-6937/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7872 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7872/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7990 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7990/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-8539 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-8539/"
      }
    ],
    "title": "Security update for kernel live patch 4",
    "tracking": {
      "current_release_date": "2016-02-08T13:45:50Z",
      "generator": {
        "date": "2016-02-08T13:45:50Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2016:0381-1",
      "initial_release_date": "2016-02-08T13:45:50Z",
      "revision_history": [
        {
          "date": "2016-02-08T13:45:50Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kgraft-patch-3_12_39-47-default-4-2.1.x86_64",
                "product": {
                  "name": "kgraft-patch-3_12_39-47-default-4-2.1.x86_64",
                  "product_id": "kgraft-patch-3_12_39-47-default-4-2.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kgraft-patch-3_12_39-47-xen-4-2.1.x86_64",
                "product": {
                  "name": "kgraft-patch-3_12_39-47-xen-4-2.1.x86_64",
                  "product_id": "kgraft-patch-3_12_39-47-xen-4-2.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Live Patching 12",
                "product": {
                  "name": "SUSE Linux Enterprise Live Patching 12",
                  "product_id": "SUSE Linux Enterprise Live Patching 12",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-live-patching:12"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-3_12_39-47-default-4-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
          "product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-default-4-2.1.x86_64"
        },
        "product_reference": "kgraft-patch-3_12_39-47-default-4-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-3_12_39-47-xen-4-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
          "product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-xen-4-2.1.x86_64"
        },
        "product_reference": "kgraft-patch-3_12_39-47-xen-4-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2015-2925",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-2925"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The prepend_path function in fs/dcache.c in the Linux kernel before 4.2.4 does not properly handle rename actions inside a bind mount, which allows local users to bypass an intended container protection mechanism by renaming a directory, related to a \"double-chroot attack.\"",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-default-4-2.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-xen-4-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-2925",
          "url": "https://www.suse.com/security/cve/CVE-2015-2925"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 926238 for CVE-2015-2925",
          "url": "https://bugzilla.suse.com/926238"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 951625 for CVE-2015-2925",
          "url": "https://bugzilla.suse.com/951625"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 951638 for CVE-2015-2925",
          "url": "https://bugzilla.suse.com/951638"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 963994 for CVE-2015-2925",
          "url": "https://bugzilla.suse.com/963994"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-default-4-2.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-xen-4-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-02-08T13:45:50Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-2925"
    },
    {
      "cve": "CVE-2015-6937",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-6937"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The __rds_conn_create function in net/rds/connection.c in the Linux kernel through 4.2.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-default-4-2.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-xen-4-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-6937",
          "url": "https://www.suse.com/security/cve/CVE-2015-6937"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2015-6937",
          "url": "https://bugzilla.suse.com/1115893"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 923755 for CVE-2015-6937",
          "url": "https://bugzilla.suse.com/923755"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 945825 for CVE-2015-6937",
          "url": "https://bugzilla.suse.com/945825"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 952384 for CVE-2015-6937",
          "url": "https://bugzilla.suse.com/952384"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 953052 for CVE-2015-6937",
          "url": "https://bugzilla.suse.com/953052"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 963994 for CVE-2015-6937",
          "url": "https://bugzilla.suse.com/963994"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-default-4-2.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-xen-4-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-02-08T13:45:50Z",
          "details": "low"
        }
      ],
      "title": "CVE-2015-6937"
    },
    {
      "cve": "CVE-2015-7872",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7872"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 4.2.6 allows local users to cause a denial of service (OOPS) via crafted keyctl commands.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-default-4-2.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-xen-4-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7872",
          "url": "https://www.suse.com/security/cve/CVE-2015-7872"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 951440 for CVE-2015-7872",
          "url": "https://bugzilla.suse.com/951440"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 951542 for CVE-2015-7872",
          "url": "https://bugzilla.suse.com/951542"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 951638 for CVE-2015-7872",
          "url": "https://bugzilla.suse.com/951638"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 958463 for CVE-2015-7872",
          "url": "https://bugzilla.suse.com/958463"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 958601 for CVE-2015-7872",
          "url": "https://bugzilla.suse.com/958601"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-default-4-2.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-xen-4-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-02-08T13:45:50Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-7872"
    },
    {
      "cve": "CVE-2015-7990",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7990"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the Linux kernel before 4.3.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6937.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-default-4-2.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-xen-4-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7990",
          "url": "https://www.suse.com/security/cve/CVE-2015-7990"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 945825 for CVE-2015-7990",
          "url": "https://bugzilla.suse.com/945825"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 952384 for CVE-2015-7990",
          "url": "https://bugzilla.suse.com/952384"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 953052 for CVE-2015-7990",
          "url": "https://bugzilla.suse.com/953052"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-default-4-2.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-xen-4-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-default-4-2.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-xen-4-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-02-08T13:45:50Z",
          "details": "low"
        }
      ],
      "title": "CVE-2015-7990"
    },
    {
      "cve": "CVE-2015-8539",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-8539"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (BUG) via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and security/keys/user_defined.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-default-4-2.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-xen-4-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-8539",
          "url": "https://www.suse.com/security/cve/CVE-2015-8539"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2015-8539",
          "url": "https://bugzilla.suse.com/1115893"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 781018 for CVE-2015-8539",
          "url": "https://bugzilla.suse.com/781018"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 958463 for CVE-2015-8539",
          "url": "https://bugzilla.suse.com/958463"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 958601 for CVE-2015-8539",
          "url": "https://bugzilla.suse.com/958601"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-default-4-2.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-xen-4-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-default-4-2.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-xen-4-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-02-08T13:45:50Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-8539"
    }
  ]
}

SUSE-SU-2016:0383-1

Vulnerability from csaf_suse - Published: 2016-02-08 13:45 - Updated: 2016-02-08 13:45

Summary

Security update for kernel live patch 5

Severity

Important

Notes

Title of the patch: Security update for kernel live patch 5

Description of the patch: This kernel live patch for Linux Kernel 3.12.43-52.6.1 fixes security issues and bugs: Security issues fixed: - CVE-2015-8539: A negatively instantiated user key could have been used by a local user to leverage privileges (bnc#958601). - CVE-2015-6937: A NULL pointer dereference flaw was found in the Reliable Datagram Sockets (RDS) implementation allowing a local user to cause system DoS. A verification was missing that the underlying transport exists when a connection was created. (bsc#953052) - CVE-2015-7990: RDS: Verify the underlying transport exists before creating a connection, preventing possible DoS (bsc#953052). - CVE-2015-7872: Possible crash when trying to garbage collect an uninstantiated keyring (bsc#951542). - CVE-2015-2925: The prepend_path function in fs/dcache.c in the Linux kernel did not properly handle rename actions inside a bind mount, which allowed local users to bypass an intended container protection mechanism by renaming a directory, related to a 'double-chroot attack (bnc#951625). Non-security bugfix were also done: - xfs: Fix lost direct IO write in the last block (bsc#954005). - simple fix in kallsyms initialization (bsc#940342 bsc#916225)

Patchnames: SUSE-SLE-Live-Patching-12-2016-219

CVE-2015-2925

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-default-4-2.1.x86_64		—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-xen-4-2.1.x86_64		—	Vendor Fix

Threats

Impact moderate

CVE-2015-6937

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-default-4-2.1.x86_64		—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-xen-4-2.1.x86_64		—	Vendor Fix

Threats

Impact low

CVE-2015-7872

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-default-4-2.1.x86_64		—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-xen-4-2.1.x86_64		—	Vendor Fix

Threats

Impact moderate

CVE-2015-7990

5.8 (Medium)


                        
                          CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-default-4-2.1.x86_64		—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-xen-4-2.1.x86_64		—	Vendor Fix

Threats

Impact low

CVE-2015-8539

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-default-4-2.1.x86_64		—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-xen-4-2.1.x86_64		—	Vendor Fix

Threats

Impact important

References

43 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-security-upd…	self
https://bugzilla.suse.com/916225	self
https://bugzilla.suse.com/940342	self
https://bugzilla.suse.com/951542	self
https://bugzilla.suse.com/951625	self
https://bugzilla.suse.com/953052	self
https://bugzilla.suse.com/954005	self
https://bugzilla.suse.com/958601	self
https://www.suse.com/security/cve/CVE-2015-2925/	self
https://www.suse.com/security/cve/CVE-2015-6937/	self
https://www.suse.com/security/cve/CVE-2015-7872/	self
https://www.suse.com/security/cve/CVE-2015-7990/	self
https://www.suse.com/security/cve/CVE-2015-8539/	self
https://www.suse.com/security/cve/CVE-2015-2925	external
https://bugzilla.suse.com/926238	external
https://bugzilla.suse.com/951625	external
https://bugzilla.suse.com/951638	external
https://bugzilla.suse.com/963994	external
https://www.suse.com/security/cve/CVE-2015-6937	external
https://bugzilla.suse.com/1115893	external
https://bugzilla.suse.com/923755	external
https://bugzilla.suse.com/945825	external
https://bugzilla.suse.com/952384	external
https://bugzilla.suse.com/953052	external
https://bugzilla.suse.com/963994	external
https://www.suse.com/security/cve/CVE-2015-7872	external
https://bugzilla.suse.com/951440	external
https://bugzilla.suse.com/951542	external
https://bugzilla.suse.com/951638	external
https://bugzilla.suse.com/958463	external
https://bugzilla.suse.com/958601	external
https://www.suse.com/security/cve/CVE-2015-7990	external
https://bugzilla.suse.com/945825	external
https://bugzilla.suse.com/952384	external
https://bugzilla.suse.com/953052	external
https://www.suse.com/security/cve/CVE-2015-8539	external
https://bugzilla.suse.com/1115893	external
https://bugzilla.suse.com/781018	external
https://bugzilla.suse.com/958463	external
https://bugzilla.suse.com/958601	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for kernel live patch 5",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "\nThis kernel live patch for Linux Kernel 3.12.43-52.6.1 fixes security issues and bugs:\n\nSecurity issues fixed:\n- CVE-2015-8539: A negatively instantiated user key could have been used\n  by a local user to leverage privileges (bnc#958601).\n\n- CVE-2015-6937: A NULL pointer dereference flaw was found in the Reliable\n  Datagram Sockets (RDS) implementation allowing a local user to cause\n  system DoS. A verification was missing that the underlying transport\n  exists when a connection was created. (bsc#953052)\n\n- CVE-2015-7990: RDS: Verify the underlying transport exists before\n  creating a connection, preventing possible DoS (bsc#953052).\n\n- CVE-2015-7872: Possible crash when trying to garbage collect an\n  uninstantiated keyring (bsc#951542).\n\n- CVE-2015-2925: The prepend_path function in fs/dcache.c in the Linux\n  kernel did not properly handle rename actions inside a bind mount, which\n  allowed local users to bypass an intended container protection mechanism\n  by renaming a directory, related to a \u0027double-chroot attack (bnc#951625).\n\nNon-security bugfix were also done:\n- xfs: Fix lost direct IO write in the last block (bsc#954005).\n- simple fix in kallsyms initialization (bsc#940342 bsc#916225)\n  ",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-SLE-Live-Patching-12-2016-219",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_0383-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2016:0383-1",
        "url": "https://www.suse.com/support/update/announcement/2016/suse-su-20160383-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2016:0383-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2016-February/001858.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 916225",
        "url": "https://bugzilla.suse.com/916225"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 940342",
        "url": "https://bugzilla.suse.com/940342"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 951542",
        "url": "https://bugzilla.suse.com/951542"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 951625",
        "url": "https://bugzilla.suse.com/951625"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 953052",
        "url": "https://bugzilla.suse.com/953052"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 954005",
        "url": "https://bugzilla.suse.com/954005"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 958601",
        "url": "https://bugzilla.suse.com/958601"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-2925 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-2925/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-6937 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-6937/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7872 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7872/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7990 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7990/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-8539 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-8539/"
      }
    ],
    "title": "Security update for kernel live patch 5",
    "tracking": {
      "current_release_date": "2016-02-08T13:45:42Z",
      "generator": {
        "date": "2016-02-08T13:45:42Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2016:0383-1",
      "initial_release_date": "2016-02-08T13:45:42Z",
      "revision_history": [
        {
          "date": "2016-02-08T13:45:42Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kgraft-patch-3_12_43-52_6-default-4-2.1.x86_64",
                "product": {
                  "name": "kgraft-patch-3_12_43-52_6-default-4-2.1.x86_64",
                  "product_id": "kgraft-patch-3_12_43-52_6-default-4-2.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kgraft-patch-3_12_43-52_6-xen-4-2.1.x86_64",
                "product": {
                  "name": "kgraft-patch-3_12_43-52_6-xen-4-2.1.x86_64",
                  "product_id": "kgraft-patch-3_12_43-52_6-xen-4-2.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Live Patching 12",
                "product": {
                  "name": "SUSE Linux Enterprise Live Patching 12",
                  "product_id": "SUSE Linux Enterprise Live Patching 12",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-live-patching:12"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-3_12_43-52_6-default-4-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
          "product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-default-4-2.1.x86_64"
        },
        "product_reference": "kgraft-patch-3_12_43-52_6-default-4-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-3_12_43-52_6-xen-4-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
          "product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-xen-4-2.1.x86_64"
        },
        "product_reference": "kgraft-patch-3_12_43-52_6-xen-4-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2015-2925",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-2925"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The prepend_path function in fs/dcache.c in the Linux kernel before 4.2.4 does not properly handle rename actions inside a bind mount, which allows local users to bypass an intended container protection mechanism by renaming a directory, related to a \"double-chroot attack.\"",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-default-4-2.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-xen-4-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-2925",
          "url": "https://www.suse.com/security/cve/CVE-2015-2925"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 926238 for CVE-2015-2925",
          "url": "https://bugzilla.suse.com/926238"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 951625 for CVE-2015-2925",
          "url": "https://bugzilla.suse.com/951625"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 951638 for CVE-2015-2925",
          "url": "https://bugzilla.suse.com/951638"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 963994 for CVE-2015-2925",
          "url": "https://bugzilla.suse.com/963994"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-default-4-2.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-xen-4-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-02-08T13:45:42Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-2925"
    },
    {
      "cve": "CVE-2015-6937",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-6937"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The __rds_conn_create function in net/rds/connection.c in the Linux kernel through 4.2.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-default-4-2.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-xen-4-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-6937",
          "url": "https://www.suse.com/security/cve/CVE-2015-6937"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2015-6937",
          "url": "https://bugzilla.suse.com/1115893"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 923755 for CVE-2015-6937",
          "url": "https://bugzilla.suse.com/923755"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 945825 for CVE-2015-6937",
          "url": "https://bugzilla.suse.com/945825"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 952384 for CVE-2015-6937",
          "url": "https://bugzilla.suse.com/952384"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 953052 for CVE-2015-6937",
          "url": "https://bugzilla.suse.com/953052"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 963994 for CVE-2015-6937",
          "url": "https://bugzilla.suse.com/963994"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-default-4-2.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-xen-4-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-02-08T13:45:42Z",
          "details": "low"
        }
      ],
      "title": "CVE-2015-6937"
    },
    {
      "cve": "CVE-2015-7872",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7872"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 4.2.6 allows local users to cause a denial of service (OOPS) via crafted keyctl commands.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-default-4-2.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-xen-4-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7872",
          "url": "https://www.suse.com/security/cve/CVE-2015-7872"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 951440 for CVE-2015-7872",
          "url": "https://bugzilla.suse.com/951440"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 951542 for CVE-2015-7872",
          "url": "https://bugzilla.suse.com/951542"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 951638 for CVE-2015-7872",
          "url": "https://bugzilla.suse.com/951638"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 958463 for CVE-2015-7872",
          "url": "https://bugzilla.suse.com/958463"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 958601 for CVE-2015-7872",
          "url": "https://bugzilla.suse.com/958601"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-default-4-2.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-xen-4-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-02-08T13:45:42Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-7872"
    },
    {
      "cve": "CVE-2015-7990",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7990"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the Linux kernel before 4.3.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6937.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-default-4-2.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-xen-4-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7990",
          "url": "https://www.suse.com/security/cve/CVE-2015-7990"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 945825 for CVE-2015-7990",
          "url": "https://bugzilla.suse.com/945825"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 952384 for CVE-2015-7990",
          "url": "https://bugzilla.suse.com/952384"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 953052 for CVE-2015-7990",
          "url": "https://bugzilla.suse.com/953052"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-default-4-2.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-xen-4-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-default-4-2.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-xen-4-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-02-08T13:45:42Z",
          "details": "low"
        }
      ],
      "title": "CVE-2015-7990"
    },
    {
      "cve": "CVE-2015-8539",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-8539"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (BUG) via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and security/keys/user_defined.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-default-4-2.1.x86_64",
          "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-xen-4-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-8539",
          "url": "https://www.suse.com/security/cve/CVE-2015-8539"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2015-8539",
          "url": "https://bugzilla.suse.com/1115893"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 781018 for CVE-2015-8539",
          "url": "https://bugzilla.suse.com/781018"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 958463 for CVE-2015-8539",
          "url": "https://bugzilla.suse.com/958463"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 958601 for CVE-2015-8539",
          "url": "https://bugzilla.suse.com/958601"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-default-4-2.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-xen-4-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-default-4-2.1.x86_64",
            "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-xen-4-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-02-08T13:45:42Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-8539"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2015-8539 (GCVE-0-2015-8539)

Tags

Sightings

Nomenclature