Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2019-19529 (GCVE-0-2019-19529)
Vulnerability from cvelistv5 – Published: 2019-12-03 15:40 – Updated: 2024-08-05 02:16
VLAI
EPSS
Summary
In the Linux kernel before 5.3.11, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcba_usb.c driver, aka CID-4d6636498c41.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://cdn.kernel.org/pub/linux/kernel/v5.x/Chan… | x_refsource_MISC |
| https://git.kernel.org/pub/scm/linux/kernel/git/t… | x_refsource_MISC |
| http://www.openwall.com/lists/oss-security/2019/12/03/4 | mailing-listx_refsource_MLIST |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| https://usn.ubuntu.com/4227-1/ | vendor-advisoryx_refsource_UBUNTU |
| https://usn.ubuntu.com/4226-1/ | vendor-advisoryx_refsource_UBUNTU |
| https://usn.ubuntu.com/4225-1/ | vendor-advisoryx_refsource_UBUNTU |
| https://usn.ubuntu.com/4227-2/ | vendor-advisoryx_refsource_UBUNTU |
| https://usn.ubuntu.com/4225-2/ | vendor-advisoryx_refsource_UBUNTU |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:16:48.168Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4d6636498c41891d0482a914dd570343a838ad79"
},
{
"name": "[oss-security] 20191203 Linux kernel: multiple vulnerabilities in the USB subsystem x3",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/12/03/4"
},
{
"name": "openSUSE-SU-2019:2675",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html"
},
{
"name": "USN-4227-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4227-1/"
},
{
"name": "USN-4226-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4226-1/"
},
{
"name": "USN-4225-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4225-1/"
},
{
"name": "USN-4227-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4227-2/"
},
{
"name": "USN-4225-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4225-2/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel before 5.3.11, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcba_usb.c driver, aka CID-4d6636498c41."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-23T17:06:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4d6636498c41891d0482a914dd570343a838ad79"
},
{
"name": "[oss-security] 20191203 Linux kernel: multiple vulnerabilities in the USB subsystem x3",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/12/03/4"
},
{
"name": "openSUSE-SU-2019:2675",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html"
},
{
"name": "USN-4227-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4227-1/"
},
{
"name": "USN-4226-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4226-1/"
},
{
"name": "USN-4225-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4225-1/"
},
{
"name": "USN-4227-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4227-2/"
},
{
"name": "USN-4225-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4225-2/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19529",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel before 5.3.11, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcba_usb.c driver, aka CID-4d6636498c41."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11",
"refsource": "MISC",
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11"
},
{
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4d6636498c41891d0482a914dd570343a838ad79",
"refsource": "MISC",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4d6636498c41891d0482a914dd570343a838ad79"
},
{
"name": "[oss-security] 20191203 Linux kernel: multiple vulnerabilities in the USB subsystem x3",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/12/03/4"
},
{
"name": "openSUSE-SU-2019:2675",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html"
},
{
"name": "USN-4227-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4227-1/"
},
{
"name": "USN-4226-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4226-1/"
},
{
"name": "USN-4225-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4225-1/"
},
{
"name": "USN-4227-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4227-2/"
},
{
"name": "USN-4225-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4225-2/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19529",
"datePublished": "2019-12-03T15:40:58.000Z",
"dateReserved": "2019-12-03T00:00:00.000Z",
"dateUpdated": "2024-08-05T02:16:48.168Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2019-19529",
"date": "2026-05-27",
"epss": "0.00057",
"percentile": "0.17999"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2019-19529\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2019-12-03T16:15:13.127\",\"lastModified\":\"2024-11-21T04:34:54.133\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel before 5.3.11, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcba_usb.c driver, aka CID-4d6636498c41.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux versiones anteriores a 5.3.11, se presenta un bug de uso de la memoria previamente liberada que puede ser causado por un dispositivo USB malicioso en el controlador del archivo drivers/net/can/usb/mcba_usb.c, tambi\u00e9n se conoce como CID-4d6636498c41.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":6.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"PHYSICAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.4,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":6.9,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.4,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.3.11\",\"matchCriteriaId\":\"AFBC7FC6-5284-45A6-AEF0-98EE91D9A0A5\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*\",\"matchCriteriaId\":\"815D70A8-47D3-459C-A32C-9FEACA0659D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD783B0C-9246-47D9-A937-6144FE8BFF0F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A31C8344-3E02-4EB8-8BD8-4C84B7959624\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/12/03/4\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4d6636498c41891d0482a914dd570343a838ad79\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4225-1/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4225-2/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4226-1/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4227-1/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4227-2/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/12/03/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4d6636498c41891d0482a914dd570343a838ad79\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4225-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4225-2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4226-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4227-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4227-2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
CERTFR-2020-AVI-130
Vulnerability from certfr_avis - Published: 2020-03-06 - Updated: 2020-03-06
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | N/A | SUSE Linux Enterprise High Availability 12-SP5 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 12-SP5 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time Extension 12-SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Software Development Kit 12-SP5 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Software Development Kit 12-SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Workstation Extension 12-SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability 12-SP4 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 12-SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Workstation Extension 12-SP5 |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise High Availability 12-SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12-SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time Extension 12-SP4",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Software Development Kit 12-SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12-SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Software Development Kit 12-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Workstation Extension 12-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12-SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability 12-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12-SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Workstation Extension 12-SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2019-19533",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19533"
},
{
"name": "CVE-2019-19529",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19529"
},
{
"name": "CVE-2019-18809",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18809"
},
{
"name": "CVE-2019-19036",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19036"
},
{
"name": "CVE-2019-19966",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19966"
},
{
"name": "CVE-2019-19227",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19227"
},
{
"name": "CVE-2019-19524",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19524"
},
{
"name": "CVE-2020-8992",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8992"
},
{
"name": "CVE-2019-19073",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19073"
},
{
"name": "CVE-2019-19543",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19543"
},
{
"name": "CVE-2019-19526",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19526"
},
{
"name": "CVE-2019-19927",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19927"
},
{
"name": "CVE-2019-19060",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19060"
},
{
"name": "CVE-2019-14901",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14901"
},
{
"name": "CVE-2019-19527",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19527"
},
{
"name": "CVE-2019-19332",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19332"
},
{
"name": "CVE-2019-14896",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14896"
},
{
"name": "CVE-2019-19319",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19319"
},
{
"name": "CVE-2019-19536",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19536"
},
{
"name": "CVE-2019-19062",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19062"
},
{
"name": "CVE-2019-18683",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18683"
},
{
"name": "CVE-2019-15213",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-15213"
},
{
"name": "CVE-2019-19063",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19063"
},
{
"name": "CVE-2019-19767",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19767"
},
{
"name": "CVE-2019-19532",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19532"
},
{
"name": "CVE-2019-19338",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19338"
},
{
"name": "CVE-2020-8648",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8648"
},
{
"name": "CVE-2019-19523",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19523"
},
{
"name": "CVE-2020-8428",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8428"
},
{
"name": "CVE-2019-19052",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19052"
},
{
"name": "CVE-2019-19045",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19045"
},
{
"name": "CVE-2019-19049",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19049"
},
{
"name": "CVE-2019-19077",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19077"
},
{
"name": "CVE-2019-19067",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19067"
},
{
"name": "CVE-2020-2732",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2732"
},
{
"name": "CVE-2019-19057",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19057"
},
{
"name": "CVE-2019-18808",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18808"
},
{
"name": "CVE-2019-19528",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19528"
},
{
"name": "CVE-2019-19056",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19056"
},
{
"name": "CVE-2019-19058",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19058"
},
{
"name": "CVE-2019-19318",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19318"
},
{
"name": "CVE-2019-19525",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19525"
},
{
"name": "CVE-2019-19075",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19075"
},
{
"name": "CVE-2019-19534",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19534"
},
{
"name": "CVE-2019-19537",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19537"
},
{
"name": "CVE-2019-20054",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20054"
},
{
"name": "CVE-2019-19051",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19051"
},
{
"name": "CVE-2019-19530",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19530"
},
{
"name": "CVE-2019-14615",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14615"
},
{
"name": "CVE-2019-19068",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19068"
},
{
"name": "CVE-2019-19066",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19066"
},
{
"name": "CVE-2020-7053",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7053"
},
{
"name": "CVE-2019-19054",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19054"
},
{
"name": "CVE-2019-16994",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16994"
},
{
"name": "CVE-2019-19447",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19447"
},
{
"name": "CVE-2019-20095",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20095"
},
{
"name": "CVE-2019-19065",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19065"
},
{
"name": "CVE-2019-20096",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20096"
},
{
"name": "CVE-2019-18660",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18660"
},
{
"name": "CVE-2019-19074",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19074"
},
{
"name": "CVE-2019-14895",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14895"
},
{
"name": "CVE-2019-14897",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14897"
},
{
"name": "CVE-2019-19965",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19965"
},
{
"name": "CVE-2019-19531",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19531"
},
{
"name": "CVE-2019-19535",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19535"
}
],
"initial_release_date": "2020-03-06T00:00:00",
"last_revision_date": "2020-03-06T00:00:00",
"links": [],
"reference": "CERTFR-2020-AVI-130",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2020-03-06T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de code\narbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20200599-1 du 05 mars 2020",
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-20200599-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20200584-1 du 04 mars 2020",
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-20200584-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20200580-1 du 04 mars 2020",
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-20200580-1/"
}
]
}
CERTFR-2020-AVI-148
Vulnerability from certfr_avis - Published: 2020-03-12 - Updated: 2020-03-13
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | N/A | SUSE Linux Enterprise Module for Realtime 15-SP1 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time Extension 12-SP4 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time Extension 12-SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 |
References
| Title | Publication Time | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Module for Realtime 15-SP1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time Extension 12-SP4",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time Extension 12-SP5",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2019-19082",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19082"
},
{
"name": "CVE-2019-19533",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19533"
},
{
"name": "CVE-2019-19529",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19529"
},
{
"name": "CVE-2019-18809",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18809"
},
{
"name": "CVE-2019-19036",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19036"
},
{
"name": "CVE-2019-19966",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19966"
},
{
"name": "CVE-2019-19227",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19227"
},
{
"name": "CVE-2019-19524",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19524"
},
{
"name": "CVE-2020-8992",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8992"
},
{
"name": "CVE-2019-19073",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19073"
},
{
"name": "CVE-2019-19543",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19543"
},
{
"name": "CVE-2019-19526",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19526"
},
{
"name": "CVE-2019-19927",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19927"
},
{
"name": "CVE-2019-19060",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19060"
},
{
"name": "CVE-2019-14901",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14901"
},
{
"name": "CVE-2019-19527",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19527"
},
{
"name": "CVE-2019-19332",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19332"
},
{
"name": "CVE-2019-14896",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14896"
},
{
"name": "CVE-2019-19319",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19319"
},
{
"name": "CVE-2019-19536",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19536"
},
{
"name": "CVE-2019-19062",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19062"
},
{
"name": "CVE-2019-18683",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18683"
},
{
"name": "CVE-2019-15213",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-15213"
},
{
"name": "CVE-2019-19063",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19063"
},
{
"name": "CVE-2019-19767",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19767"
},
{
"name": "CVE-2019-19078",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19078"
},
{
"name": "CVE-2019-19532",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19532"
},
{
"name": "CVE-2019-19046",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19046"
},
{
"name": "CVE-2019-19338",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19338"
},
{
"name": "CVE-2020-8648",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8648"
},
{
"name": "CVE-2019-19523",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19523"
},
{
"name": "CVE-2020-8428",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8428"
},
{
"name": "CVE-2019-19083",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19083"
},
{
"name": "CVE-2019-19052",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19052"
},
{
"name": "CVE-2019-19045",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19045"
},
{
"name": "CVE-2019-16746",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16746"
},
{
"name": "CVE-2019-19049",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19049"
},
{
"name": "CVE-2019-19077",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19077"
},
{
"name": "CVE-2019-19067",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19067"
},
{
"name": "CVE-2019-19080",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19080"
},
{
"name": "CVE-2020-2732",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2732"
},
{
"name": "CVE-2019-19057",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19057"
},
{
"name": "CVE-2019-18808",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18808"
},
{
"name": "CVE-2019-19528",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19528"
},
{
"name": "CVE-2019-19056",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19056"
},
{
"name": "CVE-2019-19058",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19058"
},
{
"name": "CVE-2019-19318",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19318"
},
{
"name": "CVE-2019-19525",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19525"
},
{
"name": "CVE-2019-19075",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19075"
},
{
"name": "CVE-2019-19534",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19534"
},
{
"name": "CVE-2019-19537",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19537"
},
{
"name": "CVE-2019-20054",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20054"
},
{
"name": "CVE-2019-19051",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19051"
},
{
"name": "CVE-2019-19530",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19530"
},
{
"name": "CVE-2019-14615",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14615"
},
{
"name": "CVE-2019-19068",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19068"
},
{
"name": "CVE-2019-19081",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19081"
},
{
"name": "CVE-2019-19066",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19066"
},
{
"name": "CVE-2020-7053",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7053"
},
{
"name": "CVE-2019-19054",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19054"
},
{
"name": "CVE-2019-16994",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16994"
},
{
"name": "CVE-2019-19447",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19447"
},
{
"name": "CVE-2019-20095",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20095"
},
{
"name": "CVE-2019-19065",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19065"
},
{
"name": "CVE-2019-20096",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20096"
},
{
"name": "CVE-2019-18660",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18660"
},
{
"name": "CVE-2019-19074",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19074"
},
{
"name": "CVE-2019-14895",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14895"
},
{
"name": "CVE-2019-14897",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14897"
},
{
"name": "CVE-2019-19965",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19965"
},
{
"name": "CVE-2019-19531",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19531"
},
{
"name": "CVE-2019-19535",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19535"
}
],
"initial_release_date": "2020-03-12T00:00:00",
"last_revision_date": "2020-03-13T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20200649-1 du 13 mars 2020",
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-20200667-1/"
}
],
"reference": "CERTFR-2020-AVI-148",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2020-03-12T00:00:00.000000"
},
{
"description": "Ajout du bulletin de deux bulletins de s\u00e9curit\u00e9",
"revision_date": "2020-03-13T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de code\narbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20200649-1 du 12 mars 2020",
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-20200649-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20200667-1 du 13 mars 2020",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20200605-1 du 06 mars 2020",
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-20200605-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20200613-1 du 09 mars 2020",
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-20200613-1/"
}
]
}
CERTFR-2020-AVI-331
Vulnerability from certfr_avis - Published: 2020-06-02 - Updated: 2020-06-02
De multiples vulnérabilités ont été découvertes dans Google Android. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Android toutes versions sans le correctif de s\u00e9curit\u00e9 du 01 juin 2020",
"product": {
"name": "Android",
"vendor": {
"name": "Google",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-0197",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0197"
},
{
"name": "CVE-2020-0176",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0176"
},
{
"name": "CVE-2019-13135",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13135"
},
{
"name": "CVE-2020-0165",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0165"
},
{
"name": "CVE-2020-0120",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0120"
},
{
"name": "CVE-2019-19529",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19529"
},
{
"name": "CVE-2020-0137",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0137"
},
{
"name": "CVE-2020-0206",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0206"
},
{
"name": "CVE-2020-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0216"
},
{
"name": "CVE-2020-0204",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0204"
},
{
"name": "CVE-2020-0177",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0177"
},
{
"name": "CVE-2020-0194",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0194"
},
{
"name": "CVE-2020-0095",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0095"
},
{
"name": "CVE-2020-3660",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-3660"
},
{
"name": "CVE-2020-0212",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0212"
},
{
"name": "CVE-2020-3658",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-3658"
},
{
"name": "CVE-2020-0153",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0153"
},
{
"name": "CVE-2020-0211",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0211"
},
{
"name": "CVE-2020-0234",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0234"
},
{
"name": "CVE-2020-3661",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-3661"
},
{
"name": "CVE-2020-0199",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0199"
},
{
"name": "CVE-2020-0210",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0210"
},
{
"name": "CVE-2020-0161",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0161"
},
{
"name": "CVE-2017-9704",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9704"
},
{
"name": "CVE-2020-0168",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0168"
},
{
"name": "CVE-2019-10501",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10501"
},
{
"name": "CVE-2019-19543",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19543"
},
{
"name": "CVE-2019-10626",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10626"
},
{
"name": "CVE-2020-0144",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0144"
},
{
"name": "CVE-2020-0233",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0233"
},
{
"name": "CVE-2020-0160",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0160"
},
{
"name": "CVE-2019-19526",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19526"
},
{
"name": "CVE-2020-0187",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0187"
},
{
"name": "CVE-2020-0167",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0167"
},
{
"name": "CVE-2020-0118",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0118"
},
{
"name": "CVE-2020-0179",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0179"
},
{
"name": "CVE-2020-3614",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-3614"
},
{
"name": "CVE-2020-0145",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0145"
},
{
"name": "CVE-2020-0171",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0171"
},
{
"name": "CVE-2020-3642",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-3642"
},
{
"name": "CVE-2020-0151",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0151"
},
{
"name": "CVE-2020-0185",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0185"
},
{
"name": "CVE-2020-0115",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0115"
},
{
"name": "CVE-2020-0147",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0147"
},
{
"name": "CVE-2020-0113",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0113"
},
{
"name": "CVE-2019-19071",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19071"
},
{
"name": "CVE-2020-0141",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0141"
},
{
"name": "CVE-2019-18683",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18683"
},
{
"name": "CVE-2020-0133",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0133"
},
{
"name": "CVE-2020-0140",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0140"
},
{
"name": "CVE-2019-19767",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19767"
},
{
"name": "CVE-2020-0131",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0131"
},
{
"name": "CVE-2020-3662",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-3662"
},
{
"name": "CVE-2020-0139",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0139"
},
{
"name": "CVE-2020-0143",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0143"
},
{
"name": "CVE-2020-0136",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0136"
},
{
"name": "CVE-2020-0169",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0169"
},
{
"name": "CVE-2020-0186",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0186"
},
{
"name": "CVE-2020-0132",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0132"
},
{
"name": "CVE-2020-0149",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0149"
},
{
"name": "CVE-2019-2219",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2219"
},
{
"name": "CVE-2020-0172",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0172"
},
{
"name": "CVE-2020-0156",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0156"
},
{
"name": "CVE-2020-0158",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0158"
},
{
"name": "CVE-2020-3676",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-3676"
},
{
"name": "CVE-2020-0124",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0124"
},
{
"name": "CVE-2020-0203",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0203"
},
{
"name": "CVE-2020-0142",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0142"
},
{
"name": "CVE-2020-8648",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8648"
},
{
"name": "CVE-2020-3635",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-3635"
},
{
"name": "CVE-2020-0232",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0232"
},
{
"name": "CVE-2020-0116",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0116"
},
{
"name": "CVE-2020-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0215"
},
{
"name": "CVE-2020-8428",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8428"
},
{
"name": "CVE-2020-0154",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0154"
},
{
"name": "CVE-2020-0134",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0134"
},
{
"name": "CVE-2020-0164",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0164"
},
{
"name": "CVE-2019-14080",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14080"
},
{
"name": "CVE-2019-17666",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17666"
},
{
"name": "CVE-2020-0155",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0155"
},
{
"name": "CVE-2020-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0217"
},
{
"name": "CVE-2020-0163",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0163"
},
{
"name": "CVE-2020-0170",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0170"
},
{
"name": "CVE-2020-0114",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0114"
},
{
"name": "CVE-2020-0235",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0235"
},
{
"name": "CVE-2020-0191",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0191"
},
{
"name": "CVE-2020-0188",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0188"
},
{
"name": "CVE-2019-14092",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14092"
},
{
"name": "CVE-2020-0127",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0127"
},
{
"name": "CVE-2020-0213",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0213"
},
{
"name": "CVE-2020-0196",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0196"
},
{
"name": "CVE-2020-0193",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0193"
},
{
"name": "CVE-2020-0126",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0126"
},
{
"name": "CVE-2020-0121",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0121"
},
{
"name": "CVE-2019-10597",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10597"
},
{
"name": "CVE-2019-14076",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14076"
},
{
"name": "CVE-2020-0181",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0181"
},
{
"name": "CVE-2020-0135",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0135"
},
{
"name": "CVE-2019-14062",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14062"
},
{
"name": "CVE-2020-0183",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0183"
},
{
"name": "CVE-2020-0117",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0117"
},
{
"name": "CVE-2020-3628",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-3628"
},
{
"name": "CVE-2020-0148",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0148"
},
{
"name": "CVE-2020-0166",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0166"
},
{
"name": "CVE-2019-14073",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14073"
},
{
"name": "CVE-2020-0208",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0208"
},
{
"name": "CVE-2020-0162",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0162"
},
{
"name": "CVE-2019-14047",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14047"
},
{
"name": "CVE-2020-0207",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0207"
},
{
"name": "CVE-2019-9460",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9460"
},
{
"name": "CVE-2020-0200",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0200"
},
{
"name": "CVE-2020-0190",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0190"
},
{
"name": "CVE-2019-14094",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14094"
},
{
"name": "CVE-2020-0173",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0173"
},
{
"name": "CVE-2020-0152",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0152"
},
{
"name": "CVE-2020-0138",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0138"
},
{
"name": "CVE-2020-0195",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0195"
},
{
"name": "CVE-2020-8647",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8647"
},
{
"name": "CVE-2020-0128",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0128"
},
{
"name": "CVE-2020-0219",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0219"
},
{
"name": "CVE-2020-0184",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0184"
},
{
"name": "CVE-2020-0223",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0223"
},
{
"name": "CVE-2020-0180",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0180"
},
{
"name": "CVE-2020-0125",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0125"
},
{
"name": "CVE-2020-0209",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0209"
},
{
"name": "CVE-2020-0198",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0198"
},
{
"name": "CVE-2019-18786",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18786"
},
{
"name": "CVE-2020-0119",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0119"
},
{
"name": "CVE-2020-0175",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0175"
},
{
"name": "CVE-2020-0129",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0129"
},
{
"name": "CVE-2020-8597",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8597"
},
{
"name": "CVE-2019-16275",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16275"
},
{
"name": "CVE-2020-3665",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-3665"
},
{
"name": "CVE-2020-0182",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0182"
},
{
"name": "CVE-2020-0205",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0205"
},
{
"name": "CVE-2020-3626",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-3626"
},
{
"name": "CVE-2020-0192",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0192"
},
{
"name": "CVE-2019-14091",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14091"
},
{
"name": "CVE-2020-0150",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0150"
},
{
"name": "CVE-2020-0189",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0189"
},
{
"name": "CVE-2020-0178",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0178"
},
{
"name": "CVE-2020-0202",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0202"
},
{
"name": "CVE-2020-0157",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0157"
},
{
"name": "CVE-2020-0146",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0146"
},
{
"name": "CVE-2020-3663",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-3663"
},
{
"name": "CVE-2020-0214",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0214"
},
{
"name": "CVE-2020-0174",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0174"
},
{
"name": "CVE-2020-0159",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0159"
},
{
"name": "CVE-2020-0218",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0218"
},
{
"name": "CVE-2019-13136",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13136"
},
{
"name": "CVE-2020-0201",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0201"
}
],
"initial_release_date": "2020-06-02T00:00:00",
"last_revision_date": "2020-06-02T00:00:00",
"links": [],
"reference": "CERTFR-2020-AVI-331",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2020-06-02T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Google Android.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de code\narbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Google Android",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Android du 01 juin 2020",
"url": "https://source.android.com/security/bulletin/2020-06-01"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Pixel du 01 juin 2020",
"url": "https://source.android.com/security/bulletin/pixel/2020-06-01"
}
]
}
CNVD-2019-45907
Vulnerability from cnvd - Published: 2019-12-17
VLAI
Title
Linux kernel内存错误引用漏洞(CNVD-2019-45907)
Description
Linux kernel是一种计算机操作系统内核,以C语言和汇编语言写成,符合POSIX标准,按GNU通用公共许可证发行。
Linux kernel 5.3.11之前版本存在内存错误引用漏洞。攻击者可通过恶意USB设备利用该漏洞导致释放后重用。
Severity
中
Patch Name
Linux kernel内存错误引用漏洞(CNVD-2019-45907)的补丁
Patch Description
Linux kernel是一种计算机操作系统内核,以C语言和汇编语言写成,符合POSIX标准,按GNU通用公共许可证发行。
Linux kernel 5.3.11之前版本存在内存错误引用漏洞。攻击者可通过恶意USB设备利用该漏洞导致释放后重用。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
厂商已发布了漏洞修复程序,请及时关注更新:https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4d6636498c41891d0482a914dd570343a838ad79
Reference
https://nvd.nist.gov/vuln/detail/CVE-2019-19529
Impacted products
| Name | Linux Linux kernel <5.3.11 |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2019-19529",
"cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2019-19529"
}
},
"description": "Linux kernel\u662f\u4e00\u79cd\u8ba1\u7b97\u673a\u64cd\u4f5c\u7cfb\u7edf\u5185\u6838\uff0c\u4ee5C\u8bed\u8a00\u548c\u6c47\u7f16\u8bed\u8a00\u5199\u6210\uff0c\u7b26\u5408POSIX\u6807\u51c6\uff0c\u6309GNU\u901a\u7528\u516c\u5171\u8bb8\u53ef\u8bc1\u53d1\u884c\u3002\n\nLinux kernel 5.3.11\u4e4b\u524d\u7248\u672c\u5b58\u5728\u5185\u5b58\u9519\u8bef\u5f15\u7528\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u6076\u610fUSB\u8bbe\u5907\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u91ca\u653e\u540e\u91cd\u7528\u3002",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1ahttps://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4d6636498c41891d0482a914dd570343a838ad79",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2019-45907",
"openTime": "2019-12-17",
"patchDescription": "Linux kernel\u662f\u4e00\u79cd\u8ba1\u7b97\u673a\u64cd\u4f5c\u7cfb\u7edf\u5185\u6838\uff0c\u4ee5C\u8bed\u8a00\u548c\u6c47\u7f16\u8bed\u8a00\u5199\u6210\uff0c\u7b26\u5408POSIX\u6807\u51c6\uff0c\u6309GNU\u901a\u7528\u516c\u5171\u8bb8\u53ef\u8bc1\u53d1\u884c\u3002\r\n\r\nLinux kernel 5.3.11\u4e4b\u524d\u7248\u672c\u5b58\u5728\u5185\u5b58\u9519\u8bef\u5f15\u7528\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u6076\u610fUSB\u8bbe\u5907\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u91ca\u653e\u540e\u91cd\u7528\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Linux kernel\u5185\u5b58\u9519\u8bef\u5f15\u7528\u6f0f\u6d1e\uff08CNVD-2019-45907\uff09\u7684\u8865\u4e01",
"products": {
"product": "Linux Linux kernel \u003c5.3.11"
},
"referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2019-19529",
"serverity": "\u4e2d",
"submitTime": "2019-12-04",
"title": "Linux kernel\u5185\u5b58\u9519\u8bef\u5f15\u7528\u6f0f\u6d1e\uff08CNVD-2019-45907\uff09"
}
FKIE_CVE-2019-19529
Vulnerability from fkie_nvd - Published: 2019-12-03 16:15 - Updated: 2024-11-21 04:34
Severity
Summary
In the Linux kernel before 5.3.11, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcba_usb.c driver, aka CID-4d6636498c41.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| canonical | ubuntu_linux | 19.04 | |
| canonical | ubuntu_linux | 19.10 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AFBC7FC6-5284-45A6-AEF0-98EE91D9A0A5",
"versionEndExcluding": "5.3.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*",
"matchCriteriaId": "CD783B0C-9246-47D9-A937-6144FE8BFF0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*",
"matchCriteriaId": "A31C8344-3E02-4EB8-8BD8-4C84B7959624",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel before 5.3.11, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcba_usb.c driver, aka CID-4d6636498c41."
},
{
"lang": "es",
"value": "En el kernel de Linux versiones anteriores a 5.3.11, se presenta un bug de uso de la memoria previamente liberada que puede ser causado por un dispositivo USB malicioso en el controlador del archivo drivers/net/can/usb/mcba_usb.c, tambi\u00e9n se conoce como CID-4d6636498c41."
}
],
"id": "CVE-2019-19529",
"lastModified": "2024-11-21T04:34:54.133",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.4,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-12-03T16:15:13.127",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/12/03/4"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4d6636498c41891d0482a914dd570343a838ad79"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4225-1/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4225-2/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4226-1/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4227-1/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4227-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/12/03/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4d6636498c41891d0482a914dd570343a838ad79"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4225-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4225-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4226-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4227-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4227-2/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-2PFW-56Q4-CFV3
Vulnerability from github – Published: 2022-05-24 17:02 – Updated: 2022-05-24 17:02
VLAI
Details
In the Linux kernel before 5.3.11, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcba_usb.c driver, aka CID-4d6636498c41.
{
"affected": [],
"aliases": [
"CVE-2019-19529"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-12-03T16:15:00Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel before 5.3.11, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcba_usb.c driver, aka CID-4d6636498c41.",
"id": "GHSA-2pfw-56q4-cfv3",
"modified": "2022-05-24T17:02:34Z",
"published": "2022-05-24T17:02:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19529"
},
{
"type": "WEB",
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11"
},
{
"type": "WEB",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4d6636498c41891d0482a914dd570343a838ad79"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4225-1"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4225-2"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4226-1"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4227-1"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4227-2"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2019/12/03/4"
}
],
"schema_version": "1.4.0",
"severity": []
}
GSD-2019-19529
Vulnerability from gsd - Updated: 2023-12-13 01:23Details
In the Linux kernel before 5.3.11, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcba_usb.c driver, aka CID-4d6636498c41.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2019-19529",
"description": "In the Linux kernel before 5.3.11, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcba_usb.c driver, aka CID-4d6636498c41.",
"id": "GSD-2019-19529",
"references": [
"https://www.suse.com/security/cve/CVE-2019-19529.html",
"https://ubuntu.com/security/CVE-2019-19529"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2019-19529"
],
"details": "In the Linux kernel before 5.3.11, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcba_usb.c driver, aka CID-4d6636498c41.",
"id": "GSD-2019-19529",
"modified": "2023-12-13T01:23:54.424580Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19529",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel before 5.3.11, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcba_usb.c driver, aka CID-4d6636498c41."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11",
"refsource": "MISC",
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11"
},
{
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4d6636498c41891d0482a914dd570343a838ad79",
"refsource": "MISC",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4d6636498c41891d0482a914dd570343a838ad79"
},
{
"name": "[oss-security] 20191203 Linux kernel: multiple vulnerabilities in the USB subsystem x3",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/12/03/4"
},
{
"name": "openSUSE-SU-2019:2675",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html"
},
{
"name": "USN-4227-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4227-1/"
},
{
"name": "USN-4226-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4226-1/"
},
{
"name": "USN-4225-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4225-1/"
},
{
"name": "USN-4227-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4227-2/"
},
{
"name": "USN-4225-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4225-2/"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.3.11",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19529"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "In the Linux kernel before 5.3.11, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcba_usb.c driver, aka CID-4d6636498c41."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11"
},
{
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4d6636498c41891d0482a914dd570343a838ad79",
"refsource": "MISC",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4d6636498c41891d0482a914dd570343a838ad79"
},
{
"name": "[oss-security] 20191203 Linux kernel: multiple vulnerabilities in the USB subsystem x3",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/12/03/4"
},
{
"name": "openSUSE-SU-2019:2675",
"refsource": "SUSE",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html"
},
{
"name": "USN-4227-1",
"refsource": "UBUNTU",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4227-1/"
},
{
"name": "USN-4225-1",
"refsource": "UBUNTU",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4225-1/"
},
{
"name": "USN-4226-1",
"refsource": "UBUNTU",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4226-1/"
},
{
"name": "USN-4227-2",
"refsource": "UBUNTU",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4227-2/"
},
{
"name": "USN-4225-2",
"refsource": "UBUNTU",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4225-2/"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.4,
"impactScore": 5.9
}
},
"lastModifiedDate": "2020-08-12T14:17Z",
"publishedDate": "2019-12-03T16:15Z"
}
}
}
OPENSUSE-SU-2019:2675-1
Vulnerability from csaf_opensuse - Published: 2019-12-12 09:15 - Updated: 2019-12-12 09:15Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch:
The openSUSE Leap 15.1 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2019-15211: There was a use-after-free caused by a malicious USB device in drivers/media/v4l2-core/v4l2-dev.c (bnc#1146519).
- CVE-2019-15213: There was a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver (bnc#1146544).
- CVE-2019-19531: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/yurex.c driver, aka CID-fc05481b2fca (bnc#1158427 1158445).
- CVE-2019-19543: There is a use-after-free in serial_ir_init_module() in drivers/media/rc/serial_ir.c (bnc#1158427).
- CVE-2019-19525: There is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/ieee802154/atusb.c driver, aka CID-7fd25e6fc035 (bnc#1158417).
- CVE-2019-19530: There is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/class/cdc-acm.c driver, aka CID-c52873e5a1ef (bnc#1158410).
- CVE-2019-19536: There is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_pro.c driver, aka CID-ead16e53c2f0 (bnc#1158394).
- CVE-2019-19524: There is a use-after-free bug that can be caused by a malicious USB device in the drivers/input/ff-memless.c driver, aka CID-fa3a5a1880c9 (bnc#1158413).
- CVE-2019-19528: There is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/iowarrior.c driver, aka CID-edc4746f253d (bnc#1158407).
- CVE-2019-19534: There is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_core.c driver, aka CID-f7a1337f0d29 (bnc#1158398).
- CVE-2019-19529: There is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcba_usb.c driver, aka CID-4d6636498c41 (bnc#1158381).
- CVE-2019-14901: A heap overflow flaw was found in the Marvell WiFi chip driver. The vulnerability allowed a remote attacker to cause a system crash, resulting in a denial of service, or execute arbitrary code. The highest threat with this vulnerability is with the availability of the system. If code execution occurs, the code will run with the permissions of root. This will affect both confidentiality and integrity of files on the system (bnc#1157042).
- CVE-2019-14895: A heap-based buffer overflow was discovered in the Marvell WiFi chip driver. The flaw could occur when the station attempts a connection negotiation during the handling of the remote devices country settings. This could allowed the remote device to cause a denial of service (system crash) or possibly execute arbitrary code (bnc#1157158).
- CVE-2019-18660: The Linux kernel on powerpc allowed Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs, aka CID-39e72bf96f58. This is related to arch/powerpc/kernel/entry_64.S and arch/powerpc/kernel/security.c (bnc#1157038).
- CVE-2019-18683: An issue was discovered in drivers/media/platform/vivid, which was exploitable for privilege escalation on some Linux distributions where local users have /dev/video0 access, but only if the driver happens to be loaded. There are multiple race conditions during streaming stopping in this driver (part of the V4L2 subsystem). These issues are caused by wrong mutex locking in vivid_stop_generating_vid_cap(), vivid_stop_generating_vid_out(), sdr_cap_stop_streaming(), and the corresponding kthreads. At least one of these race conditions leads to a use-after-free (bnc#1155897).
- CVE-2019-18809: A memory leak in the af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c allowed attackers to cause a denial of service (memory consumption), aka CID-2289adbfa559 (bnc#1156258).
- CVE-2019-19046: A memory leak in the __ipmi_bmc_register() function in drivers/char/ipmi/ipmi_msghandler.c was fixed (bnc#1157304).
- CVE-2019-19078: A memory leak in the ath10k_usb_hif_tx_sg() function in drivers/net/wireless/ath/ath10k/usb.c allowed attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-b8d17e7d93d2 (bnc#1157032).
- CVE-2019-19062: A memory leak in the crypto_report() function in crypto/crypto_user_base.c allowed attackers to cause a denial of service (memory consumption) by triggering crypto_report_alg() failures, aka CID-ffdde5932042 (bnc#1157333).
- CVE-2019-19057: Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c allowed attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-d10dcb615c8e (bnc#1157193).
- CVE-2019-19056: A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() function in drivers/net/wireless/marvell/mwifiex/pcie.c allowed attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-db8fd2cde932 (bnc#1157197).
- CVE-2019-19068: A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c allowed attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-a2cdd07488e6 (bnc#1157307).
- CVE-2019-19063: Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c allowed attackers to cause a denial of service (memory consumption), aka CID-3f9361695113 (bnc#1157298).
- CVE-2019-19227: In the AppleTalk subsystem there was a potential NULL pointer dereference because register_snap_client may return NULL. This will lead to denial of service in net/appletalk/aarp.c and net/appletalk/ddp.c, as demonstrated by unregister_snap_client, aka CID-9804501fa122 (bnc#1157678).
- CVE-2019-19081: A memory leak in the nfp_flower_spawn_vnic_reprs() function in drivers/net/ethernet/netronome/nfp/flower/main.c allowed attackers to cause a denial of service (memory consumption), aka CID-8ce39eb5a67a (bnc#1157045).
- CVE-2019-19080: Four memory leaks in the nfp_flower_spawn_phy_reprs() function in drivers/net/ethernet/netronome/nfp/flower/main.c allowed attackers to cause a denial of service (memory consumption), aka CID-8572cea1461a (bnc#1157044).
- CVE-2019-19065: A memory leak in the sdma_init() function in drivers/infiniband/hw/hfi1/sdma.c allowed attackers to cause a denial of service (memory consumption) by triggering rhashtable_init() failures, aka CID-34b3be18a04e (bnc#1157191).
- CVE-2019-19077: A memory leak in the bnxt_re_create_srq() function in drivers/infiniband/hw/bnxt_re/ib_verbs.c allowed attackers to cause a denial of service (memory consumption) by triggering copy to udata failures, aka CID-4a9d46a9fe14 (bnc#1157171).
- CVE-2019-19052: A memory leak in the gs_can_open() function in drivers/net/can/usb/gs_usb.c allowed attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-fb5be6a7b486 (bnc#1157324).
- CVE-2019-19067: Four memory leaks in the acp_hw_init() function in drivers/gpu/drm/amd/amdgpu/amdgpu_acp.c were fixed. (bnc#1157180).
- CVE-2019-19060: A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c allowed attackers to cause a denial of service (memory consumption), aka CID-ab612b1daf41 (bnc#1157178).
- CVE-2019-19049: A memory leak in the unittest_data_add() function in drivers/of/unittest.c was fixed. (bnc#1157173).
- CVE-2019-19075: A memory leak in the ca8210_probe() function in drivers/net/ieee802154/ca8210.c allowed attackers to cause a denial of service (memory consumption) by triggering ca8210_get_platform_data() failures, aka CID-6402939ec86e (bnc#1157162).
- CVE-2019-19058: A memory leak in the alloc_sgtable() function in drivers/net/wireless/intel/iwlwifi/fw/dbg.c allowed attackers to cause a denial of service (memory consumption) by triggering alloc_page() failures, aka CID-b4b814fec1a5 (bnc#1157145).
- CVE-2019-19074: A memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ath/ath9k/wmi.c allowed attackers to cause a denial of service (memory consumption), aka CID-728c1e2a05e4 (bnc#1157143).
- CVE-2019-19073: Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c allowed attackers to cause a denial of service (memory consumption) by triggering wait_for_completion_timeout() failures. This affects the htc_config_pipe_credits() function, the htc_setup_complete() function, and the htc_connect_service() function, aka CID-853acf7caf10 (bnc#1157070).
- CVE-2019-19083: Memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc allowed attackers to cause a denial of service (memory consumption). This affects the dce112_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce112/dce112_resource.c, the dce100_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce100/dce100_resource.c, the dcn10_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dcn10/dcn10_resource.c, the dcn20_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dcn20/dcn20_resource.c, the dce120_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce120/dce120_resource.c, the dce110_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce110/dce110_resource.c, and the dce80_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce80/dce80_resource.c, aka CID-055e547478a1 (bnc#1157049).
- CVE-2019-19082: Memory leaks in *create_resource_pool() functions under drivers/gpu/drm/amd/display/dc allowed attackers to cause a denial of service (memory consumption). This affects the dce120_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce120/dce120_resource.c, the dce110_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce110/dce110_resource.c, the dce100_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce100/dce100_resource.c, the dcn10_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dcn10/dcn10_resource.c, and the dce112_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce112/dce112_resource.c, aka CID-104c307147ad (bnc#1157046).
- CVE-2019-15916: There was a memory leak in register_queue_kobjects() in net/core/net-sysfs.c, which will cause denial of service (bnc#1149448).
The following non-security bugs were fixed:
- ACPICA: Never run _REG on system_memory and system_IO (bsc#1051510).
- ACPICA: Use %d for signed int print formatting instead of %u (bsc#1051510).
- ACPI / hotplug / PCI: Allocate resources directly under the non-hotplug bridge (bsc#1111666).
- ACPI / LPSS: Exclude I2C busses shared with PUNIT from pmc_atom_d3_mask (bsc#1051510).
- acpi/nfit, device-dax: Identify differentiated memory with a unique numa-node (bsc#1158071).
- ACPI / SBS: Fix rare oops when removing modules (bsc#1051510).
- ALSA: 6fire: Drop the dead code (git-fixes).
- ALSA: cs4236: fix error return comparison of an unsigned integer (git-fixes).
- ALSA: firewire-motu: Correct a typo in the clock proc string (git-fixes).
- ALSA: hda: Add Cometlake-S PCI ID (git-fixes).
- ALSA: hda - Add mute led support for HP ProBook 645 G4 (git-fixes).
- ALSA: hda - Fix pending unsol events at shutdown (git-fixes).
- ALSA: hda: Fix racy display power access (bsc#1156928).
- ALSA: hda/hdmi - Clear codec->relaxed_resume flag at unbinding (git-fixes).
- ALSA: hda: hdmi - fix port numbering for ICL and TGL platforms (git-fixes).
- ALSA: hda: hdmi - remove redundant code comments (git-fixes).
- ALSA: hda/intel: add CometLake PCI IDs (bsc#1156729).
- ALSA: hda/realtek - Enable internal speaker of ASUS UX431FLC (git-fixes).
- ALSA: hda/realtek - Enable the headset-mic on a Xiaomi's laptop (git-fixes).
- ALSA: hda/realtek - Move some alc236 pintbls to fallback table (git-fixes).
- ALSA: hda/realtek - Move some alc256 pintbls to fallback table (git-fixes).
- ALSA: i2c/cs8427: Fix int to char conversion (bsc#1051510).
- ALSA: intel8x0m: Register irq handler after register initializations (bsc#1051510).
- ALSA: pcm: Fix stream lock usage in snd_pcm_period_elapsed() (git-fixes).
- ALSA: pcm: signedness bug in snd_pcm_plug_alloc() (bsc#1051510).
- ALSA: pcm: Yet another missing check of non-cached buffer type (bsc#1111666).
- ALSA: seq: Do error checks at creating system ports (bsc#1051510).
- ALSA: usb-audio: Add skip_validation option (git-fixes).
- ALSA: usb-audio: Fix Focusrite Scarlett 6i6 gen1 - input handling (git-fixes).
- ALSA: usb-audio: Fix incorrect NULL check in create_yamaha_midi_quirk() (git-fixes).
- ALSA: usb-audio: Fix incorrect size check for processing/extension units (git-fixes).
- ALSA: usb-audio: Fix missing error check at mixer resolution test (git-fixes).
- ALSA: usb-audio: Fix NULL dereference at parsing BADD (git-fixes).
- ALSA: usb-audio: not submit urb for stopped endpoint (git-fixes).
- ALSA: usb-audio: sound: usb: usb true/false for bool return type (git-fixes).
- appledisplay: fix error handling in the scheduled work (git-fixes).
- arm64: Update config files. (bsc#1156466) Enable HW_RANDOM_OMAP driver and mark driver omap-rng as supported.
- ASoC: davinci: Kill BUG_ON() usage (stable 4.14.y).
- ASoC: davinci-mcasp: Handle return value of devm_kasprintf (stable 4.14.y).
- ASoC: dpcm: Properly initialise hw->rate_max (bsc#1051510).
- ASoC: Intel: hdac_hdmi: Limit sampling rates at dai creation (bsc#1051510).
- ASoC: kirkwood: fix external clock probe defer (git-fixes).
- ASoC: msm8916-wcd-analog: Fix RX1 selection in RDAC2 MUX (git-fixes).
- ASoC: sgtl5000: avoid division by zero if lo_vag is zero (bsc#1051510).
- ASoC: tegra_sgtl5000: fix device_node refcounting (bsc#1051510).
- ASoC: tlv320aic31xx: Handle inverted BCLK in non-DSP modes (stable 4.14.y).
- ASoC: tlv320dac31xx: mark expected switch fall-through (stable 4.14.y).
- ata: ep93xx: Use proper enums for directions (bsc#1051510).
- ath10k: allocate small size dma memory in ath10k_pci_diag_write_mem (bsc#1111666).
- ath10k: avoid possible memory access violation (bsc#1111666).
- ath10k: Correct error handling of dma_map_single() (bsc#1111666).
- ath10k: fix kernel panic by moving pci flush after napi_disable (bsc#1051510).
- ath10k: fix vdev-start timeout on error (bsc#1051510).
- ath10k: limit available channels via DT ieee80211-freq-limit (bsc#1051510).
- ath10k: skip resetting rx filter for WCN3990 (bsc#1111666).
- ath10k: wmi: disable softirq's while calling ieee80211_rx (bsc#1051510).
- ath9k: add back support for using active monitor interfaces for tx99 (bsc#1051510).
- ath9k: Fix a locking bug in ath9k_add_interface() (bsc#1051510).
- ath9k: fix reporting calculated new FFT upper max (bsc#1051510).
- ath9k: fix tx99 with monitor mode interface (bsc#1051510).
- ath9k_hw: fix uninitialized variable data (bsc#1051510).
- ax88172a: fix information leak on short answers (bsc#1051510).
- backlight: lm3639: Unconditionally call led_classdev_unregister (bsc#1051510).
- Bluetooth: btusb: fix PM leak in error case of setup (bsc#1051510).
- Bluetooth: delete a stray unlock (bsc#1051510).
- Bluetooth: Fix invalid-free in bcsp_close() (git-fixes).
- Bluetooth: Fix memory leak in hci_connect_le_scan (bsc#1051510).
- Bluetooth: hci_core: fix init for HCI_USER_CHANNEL (bsc#1051510).
- Bluetooth: L2CAP: Detect if remote is not able to use the whole MPS (bsc#1051510).
- bnxt_en: Increase timeout for HWRM_DBG_COREDUMP_XX commands (bsc#1104745).
- bnxt_en: Increase timeout for HWRM_DBG_COREDUMP_XX commands (bsc#1104745 FATE#325918).
- bnxt_en: Update firmware interface spec. to 1.10.0.47 (bsc#1157115)
- bnxt_en: Update firmware interface spec. to 1.10.0.89 (bsc#1157115)
- bnxt_en: Update firmware interface to 1.10.0.69 (bsc#1157115)
- bpf: fix BTF limits (bsc#1109837).
- bpf: fix BTF verification of enums (bsc#1109837).
- bpf: Fix use after free in subprog's jited symbol removal (bsc#1109837).
- brcmfmac: fix full timeout waiting for action frame on-channel tx (bsc#1051510).
- brcmfmac: fix wrong strnchr usage (bsc#1111666).
- brcmfmac: increase buffer for obtaining firmware capabilities (bsc#1111666).
- brcmfmac: reduce timeout for action frame scan (bsc#1051510).
- brcmsmac: AP mode: update beacon when TIM changes (bsc#1051510).
- brcmsmac: never log 'tid x is not agg'able' by default (bsc#1051510).
- brcmsmac: Use kvmalloc() for ucode allocations (bsc#1111666).
- btrfs: fix log context list corruption after rename exchange operation (bsc#1156494).
- can: c_can: c_can_poll(): only read status register after status IRQ (git-fixes).
- can: mcba_usb: fix use-after-free on disconnect (git-fixes).
- can: peak_usb: fix a potential out-of-sync while decoding packets (git-fixes).
- can: peak_usb: fix slab info leak (git-fixes).
- can: rx-offload: can_rx_offload_offload_one(): do not increase the skb_queue beyond skb_queue_len_max (git-fixes).
- can: rx-offload: can_rx_offload_queue_sorted(): fix error handling, avoid skb mem leak (git-fixes).
- can: rx-offload: can_rx_offload_queue_tail(): fix error handling, avoid skb mem leak (git-fixes).
- can: usb_8dev: fix use-after-free on disconnect (git-fixes).
- ceph: add missing check in d_revalidate snapdir handling (bsc#1157183).
- ceph: do not try to handle hashed dentries in non-O_CREAT atomic_open (bsc#1157184).
- ceph: fix use-after-free in __ceph_remove_cap() (bsc#1154058).
- ceph: just skip unrecognized info in ceph_reply_info_extra (bsc#1157182).
- cfg80211: Avoid regulatory restore when COUNTRY_IE_IGNORE is set (bsc#1051510).
- cfg80211: call disconnect_wk when AP stops (bsc#1051510).
- cfg80211: Prevent regulatory restore during STA disconnect in concurrent interfaces (bsc#1051510).
- cfg80211: validate wmm rule when setting (bsc#1111666).
- cgroup,writeback: do not switch wbs immediately on dead wbs if the memcg is dead (bsc#1158645).
- cifs: add a helper to find an existing readable handle to a file (bsc#1144333, bsc#1154355).
- cifs: avoid using MID 0xFFFF (bsc#1144333, bsc#1154355).
- cifs: create a helper to find a writeable handle by path name (bsc#1144333, bsc#1154355).
- cifs: Fix cifsInodeInfo lock_sem deadlock when reconnect occurs (bsc#1144333, bsc#1154355).
- cifs: fix max ea value size (bsc#1144333, bsc#1154355).
- cifs: Fix missed free operations (bsc#1144333, bsc#1154355).
- cifs: Fix oplock handling for SMB 2.1+ protocols (bsc#1144333, bsc#1154355).
- cifs: Fix retry mid list corruption on reconnects (bsc#1144333, bsc#1154355).
- cifs: Fix SMB2 oplock break processing (bsc#1144333, bsc#1154355).
- cifs: Fix use after free of file info structures (bsc#1144333, bsc#1154355).
- cifs: Force reval dentry if LOOKUP_REVAL flag is set (bsc#1144333, bsc#1154355).
- cifs: Force revalidate inode when dentry is stale (bsc#1144333, bsc#1154355).
- cifs: Gracefully handle QueryInfo errors during open (bsc#1144333, bsc#1154355).
- cifs: move cifsFileInfo_put logic into a work-queue (bsc#1144333, bsc#1154355).
- cifs: prepare SMB2_Flush to be usable in compounds (bsc#1144333, bsc#1154355).
- cifs: set domainName when a domain-key is used in multiuser (bsc#1144333, bsc#1154355).
- cifs: use cifsInodeInfo->open_file_lock while iterating to avoid a panic (bsc#1144333, bsc#1154355).
- cifs: use existing handle for compound_op(OP_SET_INFO) when possible (bsc#1144333, bsc#1154355).
- cifs: Use kzfree() to zero out the password (bsc#1144333, bsc#1154355).
- clk: at91: avoid sleeping early (git-fixes).
- clk: pxa: fix one of the pxa RTC clocks (bsc#1051510).
- clk: samsung: exynos5420: Preserve CPU clocks configuration during suspend/resume (bsc#1051510).
- clk: samsung: exynos5420: Preserve PLL configuration during suspend/resume (git-fixes).
- clk: samsung: Use clk_hw API for calling clk framework from clk notifiers (bsc#1051510).
- clk: sunxi-ng: a80: fix the zero'ing of bits 16 and 18 (git-fixes).
- clocksource/drivers/sh_cmt: Fix clocksource width for 32-bit machines (bsc#1051510).
- clocksource/drivers/sh_cmt: Fixup for 64-bit machines (bsc#1051510).
- compat_ioctl: handle SIOCOUTQNSD (bsc#1051510).
- component: fix loop condition to call unbind() if bind() fails (bsc#1051510).
- cpufreq: intel_pstate: Register when ACPI PCCH is present (bsc#1051510).
- cpufreq/pasemi: fix use-after-free in pas_cpufreq_cpu_init() (bsc#1051510).
- cpufreq: powernv: fix stack bloat and hard limit on number of CPUs (bsc#1051510).
- cpufreq: Skip cpufreq resume if it's not suspended (bsc#1051510).
- cpufreq: ti-cpufreq: add missing of_node_put() (bsc#1051510).
- cpupower: Fix coredump on VMWare (bsc#1051510).
- cpupower : Fix cpupower working when cpu0 is offline (bsc#1051510).
- cpupower : frequency-set -r option misses the last cpu in related cpu list (bsc#1051510).
- crypto: af_alg - cast ki_complete ternary op to int (bsc#1051510).
- crypto: crypto4xx - fix double-free in crypto4xx_destroy_sdr (bsc#1051510).
- crypto: ecdh - fix big endian bug in ECC library (bsc#1051510).
- crypto: fix a memory leak in rsa-kcs1pad's encryption mode (bsc#1051510).
- crypto: geode-aes - switch to skcipher for cbc(aes) fallback (bsc#1051510).
- crypto: mxs-dcp - Fix AES issues (bsc#1051510).
- crypto: mxs-dcp - Fix SHA null hashes and output length (bsc#1051510).
- crypto: mxs-dcp - make symbols 'sha1_null_hash' and 'sha256_null_hash' static (bsc#1051510).
- crypto: s5p-sss: Fix Fix argument list alignment (bsc#1051510).
- crypto: tgr192 - remove unneeded semicolon (bsc#1051510).
- cw1200: Fix a signedness bug in cw1200_load_firmware() (bsc#1051510).
- cxgb4: fix panic when attaching to ULD fail (networking-stable-19_11_05).
- cxgb4: request the TX CIDX updates to status page (bsc#1127354 bsc#1127371).
- dccp: do not leak jiffies on the wire (networking-stable-19_11_05).
- dlm: do not leak kernel pointer to userspace (bsc#1051510).
- dlm: fix invalid free (bsc#1051510).
- dmaengine: dma-jz4780: Do not depend on MACH_JZ4780 (bsc#1051510).
- dmaengine: dma-jz4780: Further residue status fix (bsc#1051510).
- dmaengine: ep93xx: Return proper enum in ep93xx_dma_chan_direction (bsc#1051510).
- dmaengine: imx-sdma: fix use-after-free on probe error path (bsc#1051510).
- dmaengine: rcar-dmac: set scatter/gather max segment size (bsc#1051510).
- dmaengine: timb_dma: Use proper enum in td_prep_slave_sg (bsc#1051510).
- docs: move protection-keys.rst to the core-api book (bsc#1078248).
- docs: move protection-keys.rst to the core-api book (FATE#322447, bsc#1078248).
- Documentation: debugfs: Document debugfs helper for unsigned long values (git-fixes).
- Documentation: x86: convert protection-keys.txt to reST (bsc#1078248).
- Documentation: x86: convert protection-keys.txt to reST (FATE#322447, bsc#1078248).
- drm/amdgpu: fix bad DMA from INTERRUPT_CNTL2 (bsc#1111666).
- drm/amd/powerplay: issue no PPSMC_MSG_GetCurrPkgPwr on unsupported (bsc#1113956)
- drm/etnaviv: fix dumping of iommuv2 (bsc#1113722)
- drm: fix module name in edid_firmware log message (bsc#1113956)
- drm/i915: Do not dereference request if it may have been retired when (bsc#1142635)
- drm/i915: Fix and improve MCR selection logic (bsc#1112178)
- drm/i915/gvt: fix dropping obj reference twice (bsc#1111666).
- drm/i915: Lock the engine while dumping the active request (bsc#1142635)
- drm/i915/pmu: 'Frequency' is reported as accumulated cycles (bsc#1112178)
- drm/i915: Reacquire priolist cache after dropping the engine lock (bsc#1129770)
- drm/i915: Skip modeset for cdclk changes if possible (bsc#1156928).
- drm/msm: fix memleak on release (bsc#1111666).
- drm/omap: fix max fclk divider for omap36xx (bsc#1113722)
- drm/radeon: fix bad DMA from INTERRUPT_CNTL2 (git-fixes).
- drm/radeon: fix si_enable_smc_cac() failed issue (bsc#1113722)
- Drop scsi-qla2xxx-Fix-memory-leak-when-sending-I-O-fails.patch This patch has introduces an double free. Upstream has dropped it from the scsi-queue before it hit mainline. So let's drop it as well.
- e1000e: Drop unnecessary __E1000_DOWN bit twiddling (bsc#1158049).
- e1000e: Use dev_get_drvdata where possible (bsc#1158049).
- e1000e: Use rtnl_lock to prevent race conditions between net and pci/pm (bsc#1158049).
- ecryptfs_lookup_interpose(): lower_dentry->d_inode is not stable (bsc#1158646).
- ecryptfs_lookup_interpose(): lower_dentry->d_parent is not stable either (bsc#1158647).
- EDAC/ghes: Fix locking and memory barrier issues (bsc#1114279). EDAC/ghes: Do not warn when incrementing refcount on 0 (bsc#1114279).
- EDAC/ghes: Fix Use after free in ghes_edac remove path (bsc#1114279).
- ext4: fix punch hole for inline_data file systems (bsc#1158640).
- ext4: update direct I/O read lock pattern for IOCB_NOWAIT (bsc#1158639).
- extcon: cht-wc: Return from default case to avoid warnings (bsc#1051510).
- fbdev: sbuslib: integer overflow in sbusfb_ioctl_helper() (bsc#1051510).
- fbdev: sbuslib: use checked version of put_user() (bsc#1051510).
- ftrace: Introduce PERMANENT ftrace_ops flag (bsc#1120853).
- gpiolib: acpi: Add Terra Pad 1061 to the run_edge_events_on_boot_blacklist (bsc#1051510).
- gpio: mpc8xxx: Do not overwrite default irq_set_type callback (bsc#1051510).
- gpio: syscon: Fix possible NULL ptr usage (bsc#1051510).
- gsmi: Fix bug in append_to_eventlog sysfs handler (bsc#1051510).
- HID: Add ASUS T100CHI keyboard dock battery quirks (bsc#1051510).
- HID: Add quirk for Microsoft PIXART OEM mouse (bsc#1051510).
- HID: asus: Add T100CHI bluetooth keyboard dock special keys mapping (bsc#1051510).
- HID: Fix assumption that devices have inputs (git-fixes).
- HID: wacom: generic: Treat serial number and related fields as unsigned (git-fixes).
- hwmon: (ina3221) Fix INA3221_CONFIG_MODE macros (bsc#1051510).
- hwmon: (pwm-fan) Silence error on probe deferral (bsc#1051510).
- hwrng: omap3-rom - Call clk_disable_unprepare() on exit only if not idled (bsc#1051510).
- hwrng: omap - Fix RNG wait loop timeout (bsc#1051510).
- hypfs: Fix error number left in struct pointer member (bsc#1051510).
- i2c: of: Try to find an I2C adapter matching the parent (bsc#1129770)
- i40e: enable X710 support (bsc#1151067).
- IB/mlx5: Free mpi in mp_slave mode (bsc#1103991).
- IB/mlx5: Free mpi in mp_slave mode (bsc#1103991 FATE#326007).
- IB/mlx5: Support MLX5_CMD_OP_QUERY_LAG as a DEVX general command (bsc#1103991).
- IB/mlx5: Support MLX5_CMD_OP_QUERY_LAG as a DEVX general command (bsc#1103991 FATE#326007).
- ibmvnic: Bound waits for device queries (bsc#1155689 ltc#182047).
- ibmvnic: Fix completion structure initialization (bsc#1155689 ltc#182047).
- ibmvnic: Serialize device queries (bsc#1155689 ltc#182047).
- ibmvnic: Terminate waiting device threads after loss of service (bsc#1155689 ltc#182047).
- ice: fix potential infinite loop because loop counter being too small (bsc#1118661).
- ice: fix potential infinite loop because loop counter being too small (bsc#1118661 FATE#325277).
- iio: adc: max9611: explicitly cast gain_selectors (bsc#1051510).
- iio: adc: stm32-adc: fix stopping dma (git-fixes).
- iio: dac: mcp4922: fix error handling in mcp4922_write_raw (bsc#1051510).
- iio: imu: adis16480: assign bias value only if operation succeeded (git-fixes).
- iio: imu: adis16480: make sure provided frequency is positive (git-fixes).
- iio: imu: adis: assign read val in debugfs hook only if op successful (git-fixes).
- iio: imu: adis: assign value only if return code zero in read funcs (git-fixes).
- include/linux/bitrev.h: fix constant bitrev (bsc#1114279).
- inet: stop leaking jiffies on the wire (networking-stable-19_11_05).
- Input: ff-memless - kill timer in destroy() (bsc#1051510).
- Input: silead - try firmware reload after unsuccessful resume (bsc#1051510).
- Input: st1232 - set INPUT_PROP_DIRECT property (bsc#1051510).
- Input: synaptics-rmi4 - clear IRQ enables for F54 (bsc#1051510).
- Input: synaptics-rmi4 - destroy F54 poller workqueue when removing (bsc#1051510).
- Input: synaptics-rmi4 - disable the relative position IRQ in the F12 driver (bsc#1051510).
- Input: synaptics-rmi4 - do not consume more data than we have (F11, F12) (bsc#1051510).
- Input: synaptics-rmi4 - fix video buffer size (git-fixes).
- intel_th: Fix a double put_device() in error path (git-fixes).
- iomap: Fix pipe page leakage during splicing (bsc#1158651).
- iommu/vt-d: Fix QI_DEV_IOTLB_PFSID and QI_DEV_EIOTLB_PFSID macros (bsc#1158063).
- ipmi:dmi: Ignore IPMI SMBIOS entries with a zero base address (bsc#1051510).
- ipv4: Return -ENETUNREACH if we can't create route but saddr is valid (networking-stable-19_10_24).
- irqdomain: Add the missing assignment of domain->fwnode for named fwnode (bsc#1111666).
- iwlwifi: api: annotate compressed BA notif array sizes (bsc#1051510).
- iwlwifi: check kasprintf() return value (bsc#1051510).
- iwlwifi: drop packets with bad status in CD (bsc#1111666).
- iwlwifi: mvm: avoid sending too many BARs (bsc#1051510).
- iwlwifi: mvm: do not send keys when entering D3 (bsc#1051510).
- iwlwifi: mvm: use correct FIFO length (bsc#1111666).
- iwlwifi: pcie: fit reclaim msg to MAX_MSG_LEN (bsc#1111666).
- iwlwifi: pcie: read correct prph address for newer devices (bsc#1111666).
- ixgbe: fix double clean of Tx descriptors with xdp (bsc#1113994 ).
- ixgbe: fix double clean of Tx descriptors with xdp (bsc#1113994 FATE#326315 FATE#326317).
- ixgbevf: Fix secpath usage for IPsec Tx offload (bsc#1113994 ).
- ixgbevf: Fix secpath usage for IPsec Tx offload (bsc#1113994 FATE#326315 FATE#326317).
- kABI: Fix for 'KVM: x86: Introduce vcpu->arch.xsaves_enabled' (bsc#1158066).
- kABI fixup alloc_dax_region (bsc#1158071).
- kabi: s390: struct subchannel (git-fixes).
- kABI workaround for ath10k hw_filter_reset_required field (bsc#1111666).
- kABI workaround for ath10k last_wmi_vdev_start_status field (bsc#1051510).
- kABI workaround for iwlwifi iwl_rx_cmd_buffer change (bsc#1111666).
- kABI workaround for struct mwifiex_power_cfg change (bsc#1051510).
- KVM: s390: fix __insn32_query() inline assembly (git-fixes).
- KVM: s390: vsie: Do not shadow CRYCB when no AP and no keys (git-fixes).
- KVM: s390: vsie: Return correct values for Invalid CRYCB format (git-fixes).
- KVM: SVM: Guard against DEACTIVATE when performing WBINVD/DF_FLUSH (bsc#1114279).
- KVM: SVM: Serialize access to the SEV ASID bitmap (bsc#1114279).
- KVM: VMX: Consider PID.PIR to determine if vCPU has pending interrupts (bsc#1158064).
- KVM: VMX: Fix conditions for guest IA32_XSS support (bsc#1158065).
- KVM: x86: Introduce vcpu->arch.xsaves_enabled (bsc#1158066).
- KVM: x86/mmu: Take slots_lock when using kvm_mmu_zap_all_fast() (bsc#1158067).
- libnvdimm: Export the target_node attribute for regions and namespaces (bsc#1158071).
- lib/scatterlist: Fix chaining support in sgl_alloc_order() (git-fixes).
- lib/scatterlist: Introduce sgl_alloc() and sgl_free() (git-fixes).
- liquidio: fix race condition in instruction completion processing (bsc#1051510).
- livepatch: Allow to distinguish different version of system state changes (bsc#1071995).
- livepatch: Allow to distinguish different version of system state changes (bsc#1071995 fate#323487).
- livepatch: Basic API to track system state changes (bsc#1071995 ).
- livepatch: Basic API to track system state changes (bsc#1071995 fate#323487).
- livepatch: Keep replaced patches until post_patch callback is called (bsc#1071995).
- livepatch: Keep replaced patches until post_patch callback is called (bsc#1071995 fate#323487).
- livepatch: Selftests of the API for tracking system state changes (bsc#1071995).
- livepatch: Selftests of the API for tracking system state changes (bsc#1071995 fate#323487).
- loop: add ioctl for changing logical block size (bsc#1108043).
- loop: fix no-unmap write-zeroes request behavior (bsc#1158637).
- lpfc: size cpu map by last cpu id set (bsc#1157160).
- mac80211: consider QoS Null frames for STA_NULLFUNC_ACKED (bsc#1051510).
- mac80211: minstrel: fix CCK rate group streams value (bsc#1051510).
- mac80211: minstrel: fix sampling/reporting of CCK rates in HT mode (bsc#1051510).
- macvlan: schedule bc_work even if error (bsc#1051510).
- mailbox: reset txdone_method TXDONE_BY_POLL if client knows_txdone (git-fixes).
- media: au0828: Fix incorrect error messages (bsc#1051510).
- media: bdisp: fix memleak on release (git-fixes).
- media: cxusb: detect cxusb_ctrl_msg error in query (bsc#1051510).
- media: davinci: Fix implicit enum conversion warning (bsc#1051510).
- media: exynos4-is: Fix recursive locking in isp_video_release() (git-fixes).
- media: fix: media: pci: meye: validate offset to avoid arbitrary access (bsc#1051510).
- media: flexcop-usb: ensure -EIO is returned on error condition (git-fixes).
- media: imon: invalid dereference in imon_touch_event (bsc#1051510).
- media: isif: fix a NULL pointer dereference bug (bsc#1051510).
- media: pci: ivtv: Fix a sleep-in-atomic-context bug in ivtv_yuv_init() (bsc#1051510).
- media: pxa_camera: Fix check for pdev->dev.of_node (bsc#1051510).
- media: radio: wl1273: fix interrupt masking on release (git-fixes).
- media: ti-vpe: vpe: Fix Motion Vector vpdma stride (git-fixes).
- media: usbvision: Fix races among open, close, and disconnect (bsc#1051510).
- media: vim2m: Fix abort issue (git-fixes).
- media: vivid: Set vid_cap_streaming and vid_out_streaming to true (bsc#1051510).
- mei: fix modalias documentation (git-fixes).
- mei: samples: fix a signedness bug in amt_host_if_call() (bsc#1051510).
- mfd: intel-lpss: Add default I2C device properties for Gemini Lake (bsc#1051510).
- mfd: max8997: Enale irq-wakeup unconditionally (bsc#1051510).
- mfd: mc13xxx-core: Fix PMIC shutdown when reading ADC values (bsc#1051510).
- mfd: palmas: Assign the right powerhold mask for tps65917 (git-fixes).
- mfd: ti_am335x_tscadc: Keep ADC interface on if child is wakeup capable (bsc#1051510).
- mISDN: Fix type of switch control variable in ctrl_teimanager (bsc#1051510).
- mlx5: add parameter to disable enhanced IPoIB (bsc#1142095)
- mlx5: add parameter to disable enhanced IPoIB (bsc#1142095) Fix badly backported patch
- mlxsw: spectrum_flower: Fail in case user specifies multiple mirror actions (bsc#1112374).
- mmc: core: fix wl1251 sdio quirks (git-fixes).
- mmc: host: omap_hsmmc: add code for special init of wl1251 to get rid of pandora_wl1251_init_card (git-fixes).
- mmc: mediatek: fix cannot receive new request when msdc_cmd_is_ready fail (bsc#1051510).
- mm/compaction.c: clear total_{migrate,free}_scanned before scanning a new zone (git fixes (mm/compaction)).
- mmc: sdhci-esdhc-imx: correct the fix of ERR004536 (git-fixes).
- mmc: sdhci-of-at91: fix quirk2 overwrite (git-fixes).
- mmc: sdio: fix wl1251 vendor id (git-fixes).
- mm/debug.c: PageAnon() is true for PageKsm() pages (git fixes (mm/debug)).
- mm, thp: Do not make page table dirty unconditionally in touch_p[mu]d() (git fixes (mm/gup)).
- mt7601u: fix bbp version check in mt7601u_wait_bbp_ready (bsc#1051510).
- mt76x0: init hw capabilities.
- mtd: nand: mtk: fix incorrect register setting order about ecc irq.
- mtd: spear_smi: Fix Write Burst mode (bsc#1051510).
- mtd: spi-nor: fix silent truncation in spi_nor_read() (bsc#1051510).
- mwifex: free rx_cmd skb in suspended state (bsc#1111666).
- mwifiex: do no submit URB in suspended state (bsc#1111666).
- mwifiex: Fix NL80211_TX_POWER_LIMITED (bsc#1051510).
- nbd: prevent memory leak (bsc#1158638).
- net: add READ_ONCE() annotation in __skb_wait_for_more_packets() (networking-stable-19_11_05).
- net: add skb_queue_empty_lockless() (networking-stable-19_11_05).
- net: annotate accesses to sk->sk_incoming_cpu (networking-stable-19_11_05).
- net: annotate lockless accesses to sk->sk_napi_id (networking-stable-19_11_05).
- net: avoid potential infinite loop in tc_ctl_action() (networking-stable-19_10_24).
- net: bcmgenet: Fix RGMII_MODE_EN value for GENET v1/2/3 (networking-stable-19_10_24).
- net: bcmgenet: reset 40nm EPHY on energy detect (networking-stable-19_11_05).
- net: bcmgenet: Set phydev->dev_flags only for internal PHYs (networking-stable-19_10_24).
- net: dsa: b53: Do not clear existing mirrored port mask (networking-stable-19_11_05).
- net: dsa: bcm_sf2: Fix IMP setup for port different than 8 (networking-stable-19_11_05).
- net: dsa: fix switch tree list (networking-stable-19_11_05).
- net: ethernet: ftgmac100: Fix DMA coherency issue with SW checksum (networking-stable-19_11_05).
- net: fix sk_page_frag() recursion from memory reclaim (networking-stable-19_11_05).
- net: hisilicon: Fix ping latency when deal with high throughput (networking-stable-19_11_05).
- net: hns3: change GFP flag during lock period (bsc#1104353 ).
- net: hns3: change GFP flag during lock period (bsc#1104353 FATE#326415).
- net: hns3: do not query unsupported commands in debugfs (bsc#1104353).
- net: hns3: do not query unsupported commands in debugfs (bsc#1104353 FATE#326415).
- net: hns3: fix GFP flag error in hclge_mac_update_stats() (bsc#1126390).
- net: hns3: fix some reset handshake issue (bsc#1104353 ).
- net: hns3: fix some reset handshake issue (bsc#1104353 FATE#326415).
- net: hns3: prevent unnecessary MAC TNL interrupt (bsc#1104353 bsc#1134983).
- net: hns3: prevent unnecessary MAC TNL interrupt (bsc#1104353 FATE#326415 bsc#1134983).
- net: hns: Fix the stray netpoll locks causing deadlock in NAPI path (bsc#1104353).
- net: hns: Fix the stray netpoll locks causing deadlock in NAPI path (bsc#1104353 FATE#326415).
- net/ibmvnic: Ignore H_FUNCTION return from H_EOI to tolerate XIVE mode (bsc#1089644, ltc#166495, ltc#165544, git-fixes).
- net/mlx4_core: Dynamically set guaranteed amount of counters per VF (networking-stable-19_11_05).
- net/mlx5e: Fix eswitch debug print of max fdb flow (bsc#1103990 ).
- net/mlx5e: Fix eswitch debug print of max fdb flow (bsc#1103990 FATE#326006).
- net/mlx5e: Fix ethtool self test: link speed (bsc#1103990 ).
- net/mlx5e: Fix ethtool self test: link speed (bsc#1103990 FATE#326006).
- net/mlx5e: Fix handling of compressed CQEs in case of low NAPI budget (networking-stable-19_11_05).
- net/mlx5e: Print a warning when LRO feature is dropped or not allowed (bsc#1103990).
- net/mlx5e: Print a warning when LRO feature is dropped or not allowed (bsc#1103990 FATE#326006).
- net/mlx5: FWTrace, Reduce stack usage (bsc#1103990).
- net/mlx5: FWTrace, Reduce stack usage (bsc#1103990 FATE#326006).
- netns: fix GFP flags in rtnl_net_notifyid() (networking-stable-19_11_05).
- net: phy: bcm7xxx: define soft_reset for 40nm EPHY (bsc#1119113 ).
- net: phy: bcm7xxx: define soft_reset for 40nm EPHY (bsc#1119113 FATE#326472).
- net: phylink: Fix flow control resolution (bsc#1119113 ).
- net: phylink: Fix flow control resolution (bsc#1119113 FATE#326472).
- net: sched: cbs: Avoid division by zero when calculating the port rate (bsc#1109837).
- net/sched: cbs: Fix not adding cbs instance to list (bsc#1109837).
- net/sched: cbs: Set default link speed to 10 Mbps in cbs_set_port_rate (bsc#1109837).
- net: sched: fix possible crash in tcf_action_destroy() (bsc#1109837).
- net: sched: fix reordering issues (bsc#1109837).
- net/smc: avoid fallback in case of non-blocking connect (git-fixes).
- net/smc: do not schedule tx_work in SMC_CLOSED state (git-fixes).
- net/smc: fix closing of fallback SMC sockets (git-fixes).
- net/smc: Fix error path in smc_init (git-fixes).
- net/smc: fix ethernet interface refcounting (git-fixes).
- net/smc: fix fastopen for non-blocking connect() (git-fixes).
- net/smc: fix refcounting for non-blocking connect() (git-fixes).
- net/smc: fix refcount non-blocking connect() -part 2 (git-fixes).
- net/smc: fix SMCD link group creation with VLAN id (git-fixes).
- net/smc: keep vlan_id for SMC-R in smc_listen_work() (git-fixes).
- net/smc: original socket family in inet_sock_diag (git-fixes).
- net: sock_map, fix missing ulp check in sock hash case (bsc#1109837).
- net: stmmac: disable/enable ptp_ref_clk in suspend/resume flow (networking-stable-19_10_24).
- net: use skb_queue_empty_lockless() in busy poll contexts (networking-stable-19_11_05).
- net: use skb_queue_empty_lockless() in poll() handlers (networking-stable-19_11_05).
- net: wireless: ti: remove local VENDOR_ID and DEVICE_ID definitions (git-fixes).
- net: wireless: ti: wl1251 use new SDIO_VENDOR_ID_TI_WL1251 definition (git-fixes).
- net: Zeroing the structure ethtool_wolinfo in ethtool_get_wol() (networking-stable-19_11_05).
- nfc: netlink: fix double device reference drop (git-fixes).
- NFC: nxp-nci: Fix NULL pointer dereference after I2C communication error (git-fixes).
- nfc: port100: handle command failure cleanly (git-fixes).
- nfp: flower: fix memory leak in nfp_flower_spawn_vnic_reprs (bsc#1109837).
- nfp: flower: prevent memory leak in nfp_flower_spawn_phy_reprs (bsc#1109837).
- nl80211: Fix a GET_KEY reply attribute (bsc#1051510).
- nvme-tcp: support C2HData with SUCCESS flag (bsc#1157386).
- ocfs2: fix panic due to ocfs2_wq is null (bsc#1158644).
- ocfs2: fix passing zero to 'PTR_ERR' warning (bsc#1158649).
- openvswitch: fix flow command message size (git-fixes).
- padata: use smp_mb in padata_reorder to avoid orphaned padata jobs (git-fixes).
- PCI/ACPI: Correct error message for ASPM disabling (bsc#1051510).
- PCI: Apply Cavium ACS quirk to ThunderX2 and ThunderX3 (bsc#1051510).
- PCI: dwc: Fix find_next_bit() usage (bsc#1051510).
- PCI: Fix Intel ACS quirk UPDCR register address (bsc#1051510).
- PCI/MSI: Fix incorrect MSI-X masking on resume (bsc#1051510).
- PCI: pciehp: Do not disable interrupt twice on suspend (bsc#1111666).
- PCI/PM: Clear PCIe PME Status even for legacy power management (bsc#1111666).
- PCI/PME: Fix possible use-after-free on remove (git-fixes).
- PCI/PTM: Remove spurious 'd' from granularity message (bsc#1051510).
- PCI: rcar: Fix missing MACCTLR register setting in initialization sequence (bsc#1051510).
- PCI: sysfs: Ignore lockdep for remove attribute (git-fixes).
- PCI: tegra: Enable Relaxed Ordering only for Tegra20 & Tegra30 (git-fixes).
- perf/x86/amd: Change/fix NMI latency mitigation to use a timestamp (bsc#1142924).
- phy: phy-twl4030-usb: fix denied runtime access (git-fixes).
- pinctl: ti: iodelay: fix error checking on pinctrl_count_index_with_args call (git-fixes).
- pinctrl: at91: do not use the same irqchip with multiple gpiochips (git-fixes).
- pinctrl: cherryview: Allocate IRQ chip dynamic (git-fixes).
- pinctrl: lewisburg: Update pin list according to v1.1v6 (bsc#1051510).
- pinctrl: lpc18xx: Use define directive for PIN_CONFIG_GPIO_PIN_INT (bsc#1051510).
- pinctrl: qcom: spmi-gpio: fix gpio-hog related boot issues (bsc#1051510).
- pinctrl: samsung: Fix device node refcount leaks in init code (bsc#1051510).
- pinctrl: samsung: Fix device node refcount leaks in S3C24xx wakeup controller init (bsc#1051510).
- pinctrl: samsung: Fix device node refcount leaks in S3C64xx wakeup controller init (bsc#1051510).
- pinctrl: sunxi: Fix a memory leak in 'sunxi_pinctrl_build_state()' (bsc#1051510).
- pinctrl: zynq: Use define directive for PIN_CONFIG_IO_STANDARD (bsc#1051510).
- PM / devfreq: Check NULL governor in available_governors_show (git-fixes).
- PM / devfreq: exynos-bus: Correct clock enable sequence (bsc#1051510).
- PM / devfreq: Lock devfreq in trans_stat_show (git-fixes).
- PM / devfreq: passive: fix compiler warning (bsc#1051510).
- PM / devfreq: passive: Use non-devm notifiers (bsc#1051510).
- PM / hibernate: Check the success of generating md5 digest before hibernation (bsc#1051510).
- powerpc/64: Make meltdown reporting Book3S 64 specific (bsc#1091041).
- powerpc/book3s64/hash: Use secondary hash for bolted mapping if the primary is full (bsc#1157778 ltc#182520).
- powerpc/bpf: Fix tail call implementation (bsc#1157698).
- powerpc/pseries: address checkpatch warnings in dlpar_offline_cpu (bsc#1156700 ltc#182459).
- powerpc/pseries: Do not fail hash page table insert for bolted mapping (bsc#1157778 ltc#182520).
- powerpc/pseries: Do not opencode HPTE_V_BOLTED (bsc#1157778 ltc#182520).
- powerpc/pseries: safely roll back failed DLPAR cpu add (bsc#1156700 ltc#182459).
- powerpc/security/book3s64: Report L1TF status in sysfs (bsc#1091041).
- powerpc/security: Fix wrong message when RFI Flush is disable (bsc#1131107).
- powerpc/xive: Prevent page fault issues in the machine crash handler (bsc#1156882 ltc#182435).
- power: reset: at91-poweroff: do not procede if at91_shdwc is allocated (bsc#1051510).
- power: supply: ab8500_fg: silence uninitialized variable warnings (bsc#1051510).
- power: supply: twl4030_charger: disable eoc interrupt on linear charge (bsc#1051510).
- power: supply: twl4030_charger: fix charging current out-of-bounds (bsc#1051510).
- ppdev: fix PPGETTIME/PPSETTIME ioctls (bsc#1051510).
- printk: Export console_printk (bsc#1071995).
- printk: Export console_printk (bsc#1071995 fate#323487).
- pwm: bcm-iproc: Prevent unloading the driver module while in use (git-fixes).
- pwm: lpss: Only set update bit if we are actually changing the settings (bsc#1051510).
- qxl: fix null-pointer crash during suspend (bsc#1111666).
- r8152: add device id for Lenovo ThinkPad USB-C Dock Gen 2 (networking-stable-19_11_05).
- RDMA/bnxt_re: Fix stat push into dma buffer on gen p5 devices (bsc#1157115)
- RDMA/efa: Clear the admin command buffer prior to its submission (git-fixes) Patch was already picked through Amazon driver repo but was not marked with a Git-commit tag
- RDMA/hns: Fix comparison of unsigned long variable 'end' with less than zero (bsc#1104427 bsc#1137236).
- RDMA/hns: Fix comparison of unsigned long variable 'end' with less than zero (bsc#1104427 FATE#326416 bsc#1137236).
- RDMA/hns: Fix wrong assignment of qp_access_flags (bsc#1104427 ).
- RDMA/hns: Fix wrong assignment of qp_access_flags (bsc#1104427 FATE#326416).
- regulator: ab8500: Remove AB8505 USB regulator (bsc#1051510).
- regulator: ab8500: Remove SYSCLKREQ from enum ab8505_regulator_id (bsc#1051510).
- remoteproc: Check for NULL firmwares in sysfs interface (git-fixes).
- Remove patches that reportedly cause regression (bsc#1155689 ltc#182047).
- reset: fix of_reset_simple_xlate kerneldoc comment (bsc#1051510).
- reset: Fix potential use-after-free in __of_reset_control_get() (bsc#1051510).
- reset: fix reset_control_get_exclusive kerneldoc comment (bsc#1051510).
- Revert 'drm/etnaviv: fix dumping of iommuv2 (bsc#1113722)' This reverts commit 71e3a1b8d8cf73f711f3e4100aa51f68e631f94f. ATM the backported patch does not build on x86.
- rpm/kernel-binary.spec.in: add COMPRESS_VMLINUX (bnc#1155921) Let COMPRESS_VMLINUX determine the compression used for vmlinux. By default (historically), it is gz.
- rpm/kernel-source.spec.in: Fix dependency of kernel-devel (bsc#1154043)
- rt2800: remove errornous duplicate condition (git-fixes).
- rtl8187: Fix warning generated when strncpy() destination length matches the sixe argument (bsc#1051510).
- rtlwifi: btcoex: Use proper enumerated types for Wi-Fi only interface (bsc#1111666).
- rtlwifi: Remove unnecessary NULL check in rtl_regd_init (bsc#1051510).
- rtlwifi: rtl8192de: Fix misleading REG_MCUFWDL information (bsc#1051510).
- rtlwifi: rtl8192de: Fix missing code to retrieve RX buffer address (bsc#1051510).
- rtlwifi: rtl8192de: Fix missing enable interrupt flag (bsc#1051510).
- s390/bpf: fix lcgr instruction encoding (bsc#1051510).
- s390/bpf: use 32-bit index for tail calls (bsc#1051510).
- s390/cio: avoid calling strlen on null pointer (bsc#1051510).
- s390/cio: exclude subchannels with no parent from pseudo check (bsc#1051510).
- s390/cio: fix virtio-ccw DMA without PV (git-fixes).
- s390/cmm: fix information leak in cmm_timeout_handler() (bsc#1051510).
- s390: fix stfle zero padding (bsc#1051510).
- s390/idle: fix cpu idle time calculation (bsc#1051510).
- s390/mm: properly clear _PAGE_NOEXEC bit when it is not supported (bsc#1051510).
- s390/process: avoid potential reading of freed stack (bsc#1051510).
- s390/qdio: do not touch the dsci in tiqdio_add_input_queues() (bsc#1051510).
- s390/qdio: (re-)initialize tiqdio list entries (bsc#1051510).
- s390/qeth: return proper errno on IO error (bsc#1051510).
- s390/setup: fix boot crash for machine without EDAT-1 (bsc#1051510 bsc#1140948).
- s390/setup: fix early warning messages (bsc#1051510 bsc#1140948).
- s390/topology: avoid firing events before kobjs are created (bsc#1051510).
- s390: vsie: Use effective CRYCBD.31 to check CRYCBD validity (git-fixes).
- s390/zcrypt: fix memleak at release (git-fixes).
- scsi: lpfc: Add enablement of multiple adapter dumps (bsc#1154601).
- scsi: lpfc: Add registration for CPU Offline/Online events (bsc#1154601).
- scsi: lpfc: Change default IRQ model on AMD architectures (bsc#1154601).
- scsi: lpfc: Clarify FAWNN error message (bsc#1154601).
- scsi: lpfc: Fix a kernel warning triggered by lpfc_get_sgl_per_hdwq() (bsc#1154601).
- scsi: lpfc: Fix a kernel warning triggered by lpfc_sli4_enable_intr() (bsc#1154601).
- scsi: lpfc: fix build error of lpfc_debugfs.c for vfree/vmalloc (bsc#1154601).
- scsi: lpfc: Fix configuration of BB credit recovery in service parameters (bsc#1154601).
- scsi: lpfc: fix: Coverity: lpfc_cmpl_els_rsp(): Null pointer dereferences (bsc#1154601).
- scsi: lpfc: fix: Coverity: lpfc_get_scsi_buf_s3(): Null pointer dereferences (bsc#1154601).
- scsi: lpfc: Fix duplicate unreg_rpi error in port offline flow (bsc#1154601).
- scsi: lpfc: Fix dynamic fw log enablement check (bsc#1154601).
- scsi: lpfc: fix inlining of lpfc_sli4_cleanup_poll_list() (bsc#1154601).
- scsi: lpfc: Fix kernel crash at lpfc_nvme_info_show during remote port bounce (bsc#1154601).
- scsi: lpfc: Fix lpfc_cpumask_of_node_init() (bsc#1154601).
- scsi: lpfc: Fix NULL check before mempool_destroy is not needed (bsc#1154601).
- scsi: lpfc: Fix Oops in nvme_register with target logout/login (bsc#1151900).
- scsi: lpfc: fix spelling error in MAGIC_NUMER_xxx (bsc#1154601).
- scsi: lpfc: Fix unexpected error messages during RSCN handling (bsc#1154601).
- scsi: lpfc: Honor module parameter lpfc_use_adisc (bsc#1153628).
- scsi: lpfc: Honor module parameter lpfc_use_adisc (bsc#1154601).
- scsi: lpfc: Initialize cpu_map for not present cpus (bsc#1154601).
- scsi: lpfc: lpfc_attr: Fix Use plain integer as NULL pointer (bsc#1154601).
- scsi: lpfc: lpfc_nvmet: Fix Use plain integer as NULL pointer (bsc#1154601).
- scsi: lpfc: Make lpfc_debugfs_ras_log_data static (bsc#1154601).
- scsi: lpfc: Mitigate high memory pre-allocation by SCSI-MQ (bsc#1154601).
- scsi: lpfc: Raise config max for lpfc_fcp_mq_threshold variable (bsc#1154601).
- scsi: lpfc: revise nvme max queues to be hdwq count (bsc#1154601).
- scsi: lpfc: Sync with FC-NVMe-2 SLER change to require Conf with SLER (bsc#1154601).
- scsi: lpfc: Update lpfc version to 12.6.0.1 (bsc#1154601).
- scsi: lpfc: Update lpfc version to 12.6.0.2 (bsc#1154601).
- scsi: lpfc: use hdwq assigned cpu for allocation (bsc#1157160).
- scsi: qla2xxx: Add debug dump of LOGO payload and ELS IOCB (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).
- scsi: qla2xxx: Allow PLOGI in target mode (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).
- scsi: qla2xxx: Change discovery state before PLOGI (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).
- scsi: qla2xxx: Configure local loop for N2N target (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).
- scsi: qla2xxx: Do not call qlt_async_event twice (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).
- scsi: qla2xxx: Do not defer relogin unconditonally (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).
- scsi: qla2xxx: Drop superfluous INIT_WORK of del_work (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).
- scsi: qla2xxx: Fix PLOGI payload and ELS IOCB dump length (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).
- scsi: qla2xxx: Fix qla2x00_request_irqs() for MSI (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).
- scsi: qla2xxx: fix rports not being mark as lost in sync fabric scan (bsc#1138039).
- scsi: qla2xxx: Ignore NULL pointer in tcm_qla2xxx_free_mcmd (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).
- scsi: qla2xxx: Ignore PORT UPDATE after N2N PLOGI (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).
- scsi: qla2xxx: Initialize free_work before flushing it (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).
- scsi: qla2xxx: Send Notify ACK after N2N PLOGI (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).
- scsi: qla2xxx: unregister ports after GPN_FT failure (bsc#1138039).
- scsi: qla2xxx: Use correct number of vectors for online CPUs (bsc#1137223).
- scsi: qla2xxx: Use explicit LOGO in target mode (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).
- scsi: zfcp: fix request object use-after-free in send path causing wrong traces (bsc#1051510).
- sctp: change sctp_prot .no_autobind with true (networking-stable-19_10_24).
- sctp: fix SCTP regression (bsc#1158082) (networking-stable-19_10_24 bsc#1158082).
- selftests: net: reuseport_dualstack: fix uninitalized parameter (networking-stable-19_11_05).
- serial: mxs-auart: Fix potential infinite loop (bsc#1051510).
- serial: samsung: Enable baud clock for UART reset procedure in resume (bsc#1051510).
- serial: uartps: Fix suspend functionality (bsc#1051510).
- signal: Properly set TRACE_SIGNAL_LOSE_INFO in __send_signal (bsc#1157463).
- slcan: Fix memory leak in error path (bsc#1051510).
- slip: Fix memory leak in slip_open error path (bsc#1051510).
- slip: Fix use-after-free Read in slip_open (bsc#1051510).
- smb3: fix leak in 'open on server' perf counter (bsc#1144333, bsc#1154355).
- smb3: fix signing verification of large reads (bsc#1144333, bsc#1154355).
- smb3: fix unmount hang in open_shroot (bsc#1144333, bsc#1154355).
- smb3: improve handling of share deleted (and share recreated) (bsc#1144333, bsc#1154355).
- smb3: Incorrect size for netname negotiate context (bsc#1144333, bsc#1154355).
- soc: imx: gpc: fix PDN delay (bsc#1051510).
- soc: qcom: wcnss_ctrl: Avoid string overflow (bsc#1051510).
- Sort series.conf.
- spi: atmel: Fix CS high support (bsc#1051510).
- spi: atmel: fix handling of cs_change set on non-last xfer (bsc#1051510).
- spi: fsl-lpspi: Prevent FIFO under/overrun by default (bsc#1051510).
- spi: mediatek: Do not modify spi_transfer when transfer (bsc#1051510).
- spi: mediatek: use correct mata->xfer_len when in fifo transfer (bsc#1051510).
- spi: pic32: Use proper enum in dmaengine_prep_slave_rg (bsc#1051510).
- spi: rockchip: initialize dma_slave_config properly (bsc#1051510).
- spi: spidev: Fix OF tree warning logic (bsc#1051510).
- supported.conf:
- synclink_gt(): fix compat_ioctl() (bsc#1051510).
- tcp_nv: fix potential integer overflow in tcpnv_acked (bsc#1051510).
- thunderbolt: Fix lockdep circular locking depedency warning (git-fixes).
- tipc: Avoid copying bytes beyond the supplied data (bsc#1051510).
- tipc: check bearer name with right length in tipc_nl_compat_bearer_enable (bsc#1051510).
- tipc: check link name with right length in tipc_nl_compat_link_set (bsc#1051510).
- tipc: check msg->req data len in tipc_nl_compat_bearer_disable (bsc#1051510).
- tipc: compat: allow tipc commands without arguments (bsc#1051510).
- tipc: fix tipc_mon_delete() oops in tipc_enable_bearer() error path (bsc#1051510).
- tipc: fix wrong timeout input for tipc_wait_for_cond() (bsc#1051510).
- tipc: handle the err returned from cmd header function (bsc#1051510).
- tipc: pass tunnel dev as NULL to udp_tunnel(6)_xmit_skb (bsc#1051510).
- tipc: tipc clang warning (bsc#1051510).
- tools: bpftool: fix arguments for p_err() in do_event_pipe() (bsc#1109837).
- tools/power/x86/intel-speed-select: Fix a read overflow in isst_set_tdp_level_msr() (bsc#1111666).
- tpm: add check after commands attribs tab allocation (bsc#1051510).
- tty: serial: fsl_lpuart: use the sg count from dma_map_sg (bsc#1051510).
- tty: serial: imx: use the sg count from dma_map_sg (bsc#1051510).
- tty: serial: msm_serial: Fix flow control (bsc#1051510).
- tty: serial: pch_uart: correct usage of dma_unmap_sg (bsc#1051510).
- tun: fix data-race in gro_normal_list() (bsc#1111666).
- UAS: Revert commit 3ae62a42090f ('UAS: fix alignment of scatter/gather segments').
- ubifs: Correctly initialize c->min_log_bytes (bsc#1158641).
- ubifs: Limit the number of pages in shrink_liability (bsc#1158643).
- udp: use skb_queue_empty_lockless() (networking-stable-19_11_05).
- Update patches.suse/ipv6-defrag-drop-non-last-frags-smaller-than-min-mtu.patch (add bsc#1141054).
- Update patches.suse/RDMA-Fix-goto-target-to-release-the-allocated-memory.patch (bsc#1050244 FATE#322915 bsc#1157171 CVE-2019-19077).
- USB: chaoskey: fix error case of a timeout (git-fixes).
- usb: chipidea: Fix otg event handler (bsc#1051510).
- usb: chipidea: imx: enable OTG overcurrent in case USB subsystem is already started (bsc#1051510).
- usb: dwc3: gadget: Check ENBLSLPM before sending ep command (bsc#1051510).
- usb: gadget: udc: fotg210-udc: Fix a sleep-in-atomic-context bug in fotg210_get_status() (bsc#1051510).
- usb: gadget: uvc: configfs: Drop leaked references to config items (bsc#1051510).
- usb: gadget: uvc: configfs: Prevent format changes after linking header (bsc#1051510).
- usb: gadget: uvc: Factor out video USB request queueing (bsc#1051510).
- usb: gadget: uvc: Only halt video streaming endpoint in bulk mode (bsc#1051510).
- USBIP: add config dependency for SGL_ALLOC (git-fixes).
- usbip: Fix free of unallocated memory in vhci tx (git-fixes).
- usbip: Fix vhci_urb_enqueue() URB null transfer buffer error path (git-fixes).
- usbip: Implement SG support to vhci-hcd and stub driver (git-fixes).
- usbip: tools: fix fd leakage in the function of read_attr_usbip_status (git-fixes).
- USB: misc: appledisplay: fix backlight update_status return code (bsc#1051510).
- usb-serial: cp201x: support Mark-10 digital force gauge (bsc#1051510).
- USB: serial: mos7720: fix remote wakeup (git-fixes).
- USB: serial: mos7840: add USB ID to support Moxa UPort 2210 (bsc#1051510).
- USB: serial: mos7840: fix remote wakeup (git-fixes).
- USB: serial: option: add support for DW5821e with eSIM support (bsc#1051510).
- USB: serial: option: add support for Foxconn T77W968 LTE modules (bsc#1051510).
- usb: xhci-mtk: fix ISOC error when interval is zero (bsc#1051510).
- vfio-ccw: Fix misleading comment when setting orb.cmd.c64 (bsc#1051510).
- vfio: ccw: push down unsupported IDA check (bsc#1156471 LTC#182362).
- vfio-ccw: Set pa_nr to 0 if memory allocation fails for pa_iova_pfn (bsc#1051510).
- video/hdmi: Fix AVI bar unpack (git-fixes).
- virtio_console: allocate inbufs in add_port() only if it is needed (git-fixes).
- virtio_ring: fix return code on DMA mapping fails (git-fixes).
- virtio/s390: fix race on airq_areas (bsc#1051510).
- vmxnet3: turn off lro when rxcsum is disabled (bsc#1157499).
- vsock/virtio: fix sock refcnt holding during the shutdown (git-fixes).
- watchdog: meson: Fix the wrong value of left time (bsc#1051510).
- wil6210: drop Rx multicast packets that are looped-back to STA (bsc#1111666).
- wil6210: fix debugfs memory access alignment (bsc#1111666).
- wil6210: fix invalid memory access for rx_buff_mgmt debugfs (bsc#1111666).
- wil6210: fix L2 RX status handling (bsc#1111666).
- wil6210: fix locking in wmi_call (bsc#1111666).
- wil6210: fix RGF_CAF_ICR address for Talyn-MB (bsc#1111666).
- wil6210: prevent usage of tx ring 0 for eDMA (bsc#1111666).
- wil6210: set edma variables only for Talyn-MB devices (bsc#1111666).
- x86/alternatives: Add int3_emulate_call() selftest (bsc#1153811).
- x86/alternatives: Fix int3_emulate_call() selftest stack corruption (bsc#1153811).
- x86/mm/pkeys: Fix typo in Documentation/x86/protection-keys.txt (bsc#1078248).
- x86/mm/pkeys: Fix typo in Documentation/x86/protection-keys.txt (FATE#322447, bsc#1078248).
- x86/pkeys: Update documentation about availability (bsc#1078248).
- x86/pkeys: Update documentation about availability (FATE#322447, bsc#1078248).
- x86/resctrl: Fix potential lockdep warning (bsc#1114279).
- x86/resctrl: Prevent NULL pointer dereference when reading mondata (bsc#1114279).
- x86/speculation/taa: Fix printing of TAA_MSG_SMT on IBRS_ALL CPUs (bsc#1158068).
- xfrm: fix sa selector validation (bsc#1156609).
- xfrm: Fix xfrm sel prefix length validation (git-fixes).
- xfs: Sanity check flags of Q_XQUOTARM call (bsc#1158652).
- xsk: Fix registration of Rx-only sockets (bsc#1109837).
- xsk: relax UMEM headroom alignment (bsc#1109837).
Patchnames: openSUSE-2019-2675
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.2 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
4.7 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.3 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.7 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.6 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.5 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.4 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.4 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
5.1 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.6 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.1 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.1 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.1 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.8 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
4.3 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.6 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.6 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
References
276 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\n\nThe openSUSE Leap 15.1 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2019-15211: There was a use-after-free caused by a malicious USB device in drivers/media/v4l2-core/v4l2-dev.c (bnc#1146519).\n- CVE-2019-15213: There was a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver (bnc#1146544).\n- CVE-2019-19531: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/yurex.c driver, aka CID-fc05481b2fca (bnc#1158427 1158445).\n- CVE-2019-19543: There is a use-after-free in serial_ir_init_module() in drivers/media/rc/serial_ir.c (bnc#1158427).\n- CVE-2019-19525: There is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/ieee802154/atusb.c driver, aka CID-7fd25e6fc035 (bnc#1158417).\n- CVE-2019-19530: There is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/class/cdc-acm.c driver, aka CID-c52873e5a1ef (bnc#1158410).\n- CVE-2019-19536: There is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_pro.c driver, aka CID-ead16e53c2f0 (bnc#1158394).\n- CVE-2019-19524: There is a use-after-free bug that can be caused by a malicious USB device in the drivers/input/ff-memless.c driver, aka CID-fa3a5a1880c9 (bnc#1158413).\n- CVE-2019-19528: There is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/iowarrior.c driver, aka CID-edc4746f253d (bnc#1158407).\n- CVE-2019-19534: There is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_core.c driver, aka CID-f7a1337f0d29 (bnc#1158398).\n- CVE-2019-19529: There is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcba_usb.c driver, aka CID-4d6636498c41 (bnc#1158381).\n- CVE-2019-14901: A heap overflow flaw was found in the Marvell WiFi chip driver. The vulnerability allowed a remote attacker to cause a system crash, resulting in a denial of service, or execute arbitrary code. The highest threat with this vulnerability is with the availability of the system. If code execution occurs, the code will run with the permissions of root. This will affect both confidentiality and integrity of files on the system (bnc#1157042).\n- CVE-2019-14895: A heap-based buffer overflow was discovered in the Marvell WiFi chip driver. The flaw could occur when the station attempts a connection negotiation during the handling of the remote devices country settings. This could allowed the remote device to cause a denial of service (system crash) or possibly execute arbitrary code (bnc#1157158).\n- CVE-2019-18660: The Linux kernel on powerpc allowed Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs, aka CID-39e72bf96f58. This is related to arch/powerpc/kernel/entry_64.S and arch/powerpc/kernel/security.c (bnc#1157038).\n- CVE-2019-18683: An issue was discovered in drivers/media/platform/vivid, which was exploitable for privilege escalation on some Linux distributions where local users have /dev/video0 access, but only if the driver happens to be loaded. There are multiple race conditions during streaming stopping in this driver (part of the V4L2 subsystem). These issues are caused by wrong mutex locking in vivid_stop_generating_vid_cap(), vivid_stop_generating_vid_out(), sdr_cap_stop_streaming(), and the corresponding kthreads. At least one of these race conditions leads to a use-after-free (bnc#1155897).\n- CVE-2019-18809: A memory leak in the af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c allowed attackers to cause a denial of service (memory consumption), aka CID-2289adbfa559 (bnc#1156258).\n- CVE-2019-19046: A memory leak in the __ipmi_bmc_register() function in drivers/char/ipmi/ipmi_msghandler.c was fixed (bnc#1157304).\n- CVE-2019-19078: A memory leak in the ath10k_usb_hif_tx_sg() function in drivers/net/wireless/ath/ath10k/usb.c allowed attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-b8d17e7d93d2 (bnc#1157032).\n- CVE-2019-19062: A memory leak in the crypto_report() function in crypto/crypto_user_base.c allowed attackers to cause a denial of service (memory consumption) by triggering crypto_report_alg() failures, aka CID-ffdde5932042 (bnc#1157333).\n- CVE-2019-19057: Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c allowed attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-d10dcb615c8e (bnc#1157193).\n- CVE-2019-19056: A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() function in drivers/net/wireless/marvell/mwifiex/pcie.c allowed attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-db8fd2cde932 (bnc#1157197).\n- CVE-2019-19068: A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c allowed attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-a2cdd07488e6 (bnc#1157307).\n- CVE-2019-19063: Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c allowed attackers to cause a denial of service (memory consumption), aka CID-3f9361695113 (bnc#1157298).\n- CVE-2019-19227: In the AppleTalk subsystem there was a potential NULL pointer dereference because register_snap_client may return NULL. This will lead to denial of service in net/appletalk/aarp.c and net/appletalk/ddp.c, as demonstrated by unregister_snap_client, aka CID-9804501fa122 (bnc#1157678).\n- CVE-2019-19081: A memory leak in the nfp_flower_spawn_vnic_reprs() function in drivers/net/ethernet/netronome/nfp/flower/main.c allowed attackers to cause a denial of service (memory consumption), aka CID-8ce39eb5a67a (bnc#1157045).\n- CVE-2019-19080: Four memory leaks in the nfp_flower_spawn_phy_reprs() function in drivers/net/ethernet/netronome/nfp/flower/main.c allowed attackers to cause a denial of service (memory consumption), aka CID-8572cea1461a (bnc#1157044).\n- CVE-2019-19065: A memory leak in the sdma_init() function in drivers/infiniband/hw/hfi1/sdma.c allowed attackers to cause a denial of service (memory consumption) by triggering rhashtable_init() failures, aka CID-34b3be18a04e (bnc#1157191).\n- CVE-2019-19077: A memory leak in the bnxt_re_create_srq() function in drivers/infiniband/hw/bnxt_re/ib_verbs.c allowed attackers to cause a denial of service (memory consumption) by triggering copy to udata failures, aka CID-4a9d46a9fe14 (bnc#1157171).\n- CVE-2019-19052: A memory leak in the gs_can_open() function in drivers/net/can/usb/gs_usb.c allowed attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-fb5be6a7b486 (bnc#1157324).\n- CVE-2019-19067: Four memory leaks in the acp_hw_init() function in drivers/gpu/drm/amd/amdgpu/amdgpu_acp.c were fixed. (bnc#1157180).\n- CVE-2019-19060: A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c allowed attackers to cause a denial of service (memory consumption), aka CID-ab612b1daf41 (bnc#1157178).\n- CVE-2019-19049: A memory leak in the unittest_data_add() function in drivers/of/unittest.c was fixed. (bnc#1157173).\n- CVE-2019-19075: A memory leak in the ca8210_probe() function in drivers/net/ieee802154/ca8210.c allowed attackers to cause a denial of service (memory consumption) by triggering ca8210_get_platform_data() failures, aka CID-6402939ec86e (bnc#1157162).\n- CVE-2019-19058: A memory leak in the alloc_sgtable() function in drivers/net/wireless/intel/iwlwifi/fw/dbg.c allowed attackers to cause a denial of service (memory consumption) by triggering alloc_page() failures, aka CID-b4b814fec1a5 (bnc#1157145).\n- CVE-2019-19074: A memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ath/ath9k/wmi.c allowed attackers to cause a denial of service (memory consumption), aka CID-728c1e2a05e4 (bnc#1157143).\n- CVE-2019-19073: Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c allowed attackers to cause a denial of service (memory consumption) by triggering wait_for_completion_timeout() failures. This affects the htc_config_pipe_credits() function, the htc_setup_complete() function, and the htc_connect_service() function, aka CID-853acf7caf10 (bnc#1157070).\n- CVE-2019-19083: Memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc allowed attackers to cause a denial of service (memory consumption). This affects the dce112_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce112/dce112_resource.c, the dce100_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce100/dce100_resource.c, the dcn10_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dcn10/dcn10_resource.c, the dcn20_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dcn20/dcn20_resource.c, the dce120_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce120/dce120_resource.c, the dce110_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce110/dce110_resource.c, and the dce80_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce80/dce80_resource.c, aka CID-055e547478a1 (bnc#1157049).\n- CVE-2019-19082: Memory leaks in *create_resource_pool() functions under drivers/gpu/drm/amd/display/dc allowed attackers to cause a denial of service (memory consumption). This affects the dce120_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce120/dce120_resource.c, the dce110_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce110/dce110_resource.c, the dce100_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce100/dce100_resource.c, the dcn10_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dcn10/dcn10_resource.c, and the dce112_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce112/dce112_resource.c, aka CID-104c307147ad (bnc#1157046).\n- CVE-2019-15916: There was a memory leak in register_queue_kobjects() in net/core/net-sysfs.c, which will cause denial of service (bnc#1149448).\n\nThe following non-security bugs were fixed:\n\n- ACPICA: Never run _REG on system_memory and system_IO (bsc#1051510).\n- ACPICA: Use %d for signed int print formatting instead of %u (bsc#1051510).\n- ACPI / hotplug / PCI: Allocate resources directly under the non-hotplug bridge (bsc#1111666).\n- ACPI / LPSS: Exclude I2C busses shared with PUNIT from pmc_atom_d3_mask (bsc#1051510).\n- acpi/nfit, device-dax: Identify differentiated memory with a unique numa-node (bsc#1158071).\n- ACPI / SBS: Fix rare oops when removing modules (bsc#1051510).\n- ALSA: 6fire: Drop the dead code (git-fixes).\n- ALSA: cs4236: fix error return comparison of an unsigned integer (git-fixes).\n- ALSA: firewire-motu: Correct a typo in the clock proc string (git-fixes).\n- ALSA: hda: Add Cometlake-S PCI ID (git-fixes).\n- ALSA: hda - Add mute led support for HP ProBook 645 G4 (git-fixes).\n- ALSA: hda - Fix pending unsol events at shutdown (git-fixes).\n- ALSA: hda: Fix racy display power access (bsc#1156928).\n- ALSA: hda/hdmi - Clear codec-\u003erelaxed_resume flag at unbinding (git-fixes).\n- ALSA: hda: hdmi - fix port numbering for ICL and TGL platforms (git-fixes).\n- ALSA: hda: hdmi - remove redundant code comments (git-fixes).\n- ALSA: hda/intel: add CometLake PCI IDs (bsc#1156729).\n- ALSA: hda/realtek - Enable internal speaker of ASUS UX431FLC (git-fixes).\n- ALSA: hda/realtek - Enable the headset-mic on a Xiaomi\u0027s laptop (git-fixes).\n- ALSA: hda/realtek - Move some alc236 pintbls to fallback table (git-fixes).\n- ALSA: hda/realtek - Move some alc256 pintbls to fallback table (git-fixes).\n- ALSA: i2c/cs8427: Fix int to char conversion (bsc#1051510).\n- ALSA: intel8x0m: Register irq handler after register initializations (bsc#1051510).\n- ALSA: pcm: Fix stream lock usage in snd_pcm_period_elapsed() (git-fixes).\n- ALSA: pcm: signedness bug in snd_pcm_plug_alloc() (bsc#1051510).\n- ALSA: pcm: Yet another missing check of non-cached buffer type (bsc#1111666).\n- ALSA: seq: Do error checks at creating system ports (bsc#1051510).\n- ALSA: usb-audio: Add skip_validation option (git-fixes).\n- ALSA: usb-audio: Fix Focusrite Scarlett 6i6 gen1 - input handling (git-fixes).\n- ALSA: usb-audio: Fix incorrect NULL check in create_yamaha_midi_quirk() (git-fixes).\n- ALSA: usb-audio: Fix incorrect size check for processing/extension units (git-fixes).\n- ALSA: usb-audio: Fix missing error check at mixer resolution test (git-fixes).\n- ALSA: usb-audio: Fix NULL dereference at parsing BADD (git-fixes).\n- ALSA: usb-audio: not submit urb for stopped endpoint (git-fixes).\n- ALSA: usb-audio: sound: usb: usb true/false for bool return type (git-fixes).\n- appledisplay: fix error handling in the scheduled work (git-fixes).\n- arm64: Update config files. (bsc#1156466) Enable HW_RANDOM_OMAP driver and mark driver omap-rng as supported.\n- ASoC: davinci: Kill BUG_ON() usage (stable 4.14.y).\n- ASoC: davinci-mcasp: Handle return value of devm_kasprintf (stable 4.14.y).\n- ASoC: dpcm: Properly initialise hw-\u003erate_max (bsc#1051510).\n- ASoC: Intel: hdac_hdmi: Limit sampling rates at dai creation (bsc#1051510).\n- ASoC: kirkwood: fix external clock probe defer (git-fixes).\n- ASoC: msm8916-wcd-analog: Fix RX1 selection in RDAC2 MUX (git-fixes).\n- ASoC: sgtl5000: avoid division by zero if lo_vag is zero (bsc#1051510).\n- ASoC: tegra_sgtl5000: fix device_node refcounting (bsc#1051510).\n- ASoC: tlv320aic31xx: Handle inverted BCLK in non-DSP modes (stable 4.14.y).\n- ASoC: tlv320dac31xx: mark expected switch fall-through (stable 4.14.y).\n- ata: ep93xx: Use proper enums for directions (bsc#1051510).\n- ath10k: allocate small size dma memory in ath10k_pci_diag_write_mem (bsc#1111666).\n- ath10k: avoid possible memory access violation (bsc#1111666).\n- ath10k: Correct error handling of dma_map_single() (bsc#1111666).\n- ath10k: fix kernel panic by moving pci flush after napi_disable (bsc#1051510).\n- ath10k: fix vdev-start timeout on error (bsc#1051510).\n- ath10k: limit available channels via DT ieee80211-freq-limit (bsc#1051510).\n- ath10k: skip resetting rx filter for WCN3990 (bsc#1111666).\n- ath10k: wmi: disable softirq\u0027s while calling ieee80211_rx (bsc#1051510).\n- ath9k: add back support for using active monitor interfaces for tx99 (bsc#1051510).\n- ath9k: Fix a locking bug in ath9k_add_interface() (bsc#1051510).\n- ath9k: fix reporting calculated new FFT upper max (bsc#1051510).\n- ath9k: fix tx99 with monitor mode interface (bsc#1051510).\n- ath9k_hw: fix uninitialized variable data (bsc#1051510).\n- ax88172a: fix information leak on short answers (bsc#1051510).\n- backlight: lm3639: Unconditionally call led_classdev_unregister (bsc#1051510).\n- Bluetooth: btusb: fix PM leak in error case of setup (bsc#1051510).\n- Bluetooth: delete a stray unlock (bsc#1051510).\n- Bluetooth: Fix invalid-free in bcsp_close() (git-fixes).\n- Bluetooth: Fix memory leak in hci_connect_le_scan (bsc#1051510).\n- Bluetooth: hci_core: fix init for HCI_USER_CHANNEL (bsc#1051510).\n- Bluetooth: L2CAP: Detect if remote is not able to use the whole MPS (bsc#1051510).\n- bnxt_en: Increase timeout for HWRM_DBG_COREDUMP_XX commands (bsc#1104745).\n- bnxt_en: Increase timeout for HWRM_DBG_COREDUMP_XX commands (bsc#1104745 FATE#325918).\n- bnxt_en: Update firmware interface spec. to 1.10.0.47 (bsc#1157115)\n- bnxt_en: Update firmware interface spec. to 1.10.0.89 (bsc#1157115)\n- bnxt_en: Update firmware interface to 1.10.0.69 (bsc#1157115)\n- bpf: fix BTF limits (bsc#1109837).\n- bpf: fix BTF verification of enums (bsc#1109837).\n- bpf: Fix use after free in subprog\u0027s jited symbol removal (bsc#1109837).\n- brcmfmac: fix full timeout waiting for action frame on-channel tx (bsc#1051510).\n- brcmfmac: fix wrong strnchr usage (bsc#1111666).\n- brcmfmac: increase buffer for obtaining firmware capabilities (bsc#1111666).\n- brcmfmac: reduce timeout for action frame scan (bsc#1051510).\n- brcmsmac: AP mode: update beacon when TIM changes (bsc#1051510).\n- brcmsmac: never log \u0027tid x is not agg\u0027able\u0027 by default (bsc#1051510).\n- brcmsmac: Use kvmalloc() for ucode allocations (bsc#1111666).\n- btrfs: fix log context list corruption after rename exchange operation (bsc#1156494).\n- can: c_can: c_can_poll(): only read status register after status IRQ (git-fixes).\n- can: mcba_usb: fix use-after-free on disconnect (git-fixes).\n- can: peak_usb: fix a potential out-of-sync while decoding packets (git-fixes).\n- can: peak_usb: fix slab info leak (git-fixes).\n- can: rx-offload: can_rx_offload_offload_one(): do not increase the skb_queue beyond skb_queue_len_max (git-fixes).\n- can: rx-offload: can_rx_offload_queue_sorted(): fix error handling, avoid skb mem leak (git-fixes).\n- can: rx-offload: can_rx_offload_queue_tail(): fix error handling, avoid skb mem leak (git-fixes).\n- can: usb_8dev: fix use-after-free on disconnect (git-fixes).\n- ceph: add missing check in d_revalidate snapdir handling (bsc#1157183).\n- ceph: do not try to handle hashed dentries in non-O_CREAT atomic_open (bsc#1157184).\n- ceph: fix use-after-free in __ceph_remove_cap() (bsc#1154058).\n- ceph: just skip unrecognized info in ceph_reply_info_extra (bsc#1157182).\n- cfg80211: Avoid regulatory restore when COUNTRY_IE_IGNORE is set (bsc#1051510).\n- cfg80211: call disconnect_wk when AP stops (bsc#1051510).\n- cfg80211: Prevent regulatory restore during STA disconnect in concurrent interfaces (bsc#1051510).\n- cfg80211: validate wmm rule when setting (bsc#1111666).\n- cgroup,writeback: do not switch wbs immediately on dead wbs if the memcg is dead (bsc#1158645).\n- cifs: add a helper to find an existing readable handle to a file (bsc#1144333, bsc#1154355).\n- cifs: avoid using MID 0xFFFF (bsc#1144333, bsc#1154355).\n- cifs: create a helper to find a writeable handle by path name (bsc#1144333, bsc#1154355).\n- cifs: Fix cifsInodeInfo lock_sem deadlock when reconnect occurs (bsc#1144333, bsc#1154355).\n- cifs: fix max ea value size (bsc#1144333, bsc#1154355).\n- cifs: Fix missed free operations (bsc#1144333, bsc#1154355).\n- cifs: Fix oplock handling for SMB 2.1+ protocols (bsc#1144333, bsc#1154355).\n- cifs: Fix retry mid list corruption on reconnects (bsc#1144333, bsc#1154355).\n- cifs: Fix SMB2 oplock break processing (bsc#1144333, bsc#1154355).\n- cifs: Fix use after free of file info structures (bsc#1144333, bsc#1154355).\n- cifs: Force reval dentry if LOOKUP_REVAL flag is set (bsc#1144333, bsc#1154355).\n- cifs: Force revalidate inode when dentry is stale (bsc#1144333, bsc#1154355).\n- cifs: Gracefully handle QueryInfo errors during open (bsc#1144333, bsc#1154355).\n- cifs: move cifsFileInfo_put logic into a work-queue (bsc#1144333, bsc#1154355).\n- cifs: prepare SMB2_Flush to be usable in compounds (bsc#1144333, bsc#1154355).\n- cifs: set domainName when a domain-key is used in multiuser (bsc#1144333, bsc#1154355).\n- cifs: use cifsInodeInfo-\u003eopen_file_lock while iterating to avoid a panic (bsc#1144333, bsc#1154355).\n- cifs: use existing handle for compound_op(OP_SET_INFO) when possible (bsc#1144333, bsc#1154355).\n- cifs: Use kzfree() to zero out the password (bsc#1144333, bsc#1154355).\n- clk: at91: avoid sleeping early (git-fixes).\n- clk: pxa: fix one of the pxa RTC clocks (bsc#1051510).\n- clk: samsung: exynos5420: Preserve CPU clocks configuration during suspend/resume (bsc#1051510).\n- clk: samsung: exynos5420: Preserve PLL configuration during suspend/resume (git-fixes).\n- clk: samsung: Use clk_hw API for calling clk framework from clk notifiers (bsc#1051510).\n- clk: sunxi-ng: a80: fix the zero\u0027ing of bits 16 and 18 (git-fixes).\n- clocksource/drivers/sh_cmt: Fix clocksource width for 32-bit machines (bsc#1051510).\n- clocksource/drivers/sh_cmt: Fixup for 64-bit machines (bsc#1051510).\n- compat_ioctl: handle SIOCOUTQNSD (bsc#1051510).\n- component: fix loop condition to call unbind() if bind() fails (bsc#1051510).\n- cpufreq: intel_pstate: Register when ACPI PCCH is present (bsc#1051510).\n- cpufreq/pasemi: fix use-after-free in pas_cpufreq_cpu_init() (bsc#1051510).\n- cpufreq: powernv: fix stack bloat and hard limit on number of CPUs (bsc#1051510).\n- cpufreq: Skip cpufreq resume if it\u0027s not suspended (bsc#1051510).\n- cpufreq: ti-cpufreq: add missing of_node_put() (bsc#1051510).\n- cpupower: Fix coredump on VMWare (bsc#1051510).\n- cpupower : Fix cpupower working when cpu0 is offline (bsc#1051510).\n- cpupower : frequency-set -r option misses the last cpu in related cpu list (bsc#1051510).\n- crypto: af_alg - cast ki_complete ternary op to int (bsc#1051510).\n- crypto: crypto4xx - fix double-free in crypto4xx_destroy_sdr (bsc#1051510).\n- crypto: ecdh - fix big endian bug in ECC library (bsc#1051510).\n- crypto: fix a memory leak in rsa-kcs1pad\u0027s encryption mode (bsc#1051510).\n- crypto: geode-aes - switch to skcipher for cbc(aes) fallback (bsc#1051510).\n- crypto: mxs-dcp - Fix AES issues (bsc#1051510).\n- crypto: mxs-dcp - Fix SHA null hashes and output length (bsc#1051510).\n- crypto: mxs-dcp - make symbols \u0027sha1_null_hash\u0027 and \u0027sha256_null_hash\u0027 static (bsc#1051510).\n- crypto: s5p-sss: Fix Fix argument list alignment (bsc#1051510).\n- crypto: tgr192 - remove unneeded semicolon (bsc#1051510).\n- cw1200: Fix a signedness bug in cw1200_load_firmware() (bsc#1051510).\n- cxgb4: fix panic when attaching to ULD fail (networking-stable-19_11_05).\n- cxgb4: request the TX CIDX updates to status page (bsc#1127354 bsc#1127371).\n- dccp: do not leak jiffies on the wire (networking-stable-19_11_05).\n- dlm: do not leak kernel pointer to userspace (bsc#1051510).\n- dlm: fix invalid free (bsc#1051510).\n- dmaengine: dma-jz4780: Do not depend on MACH_JZ4780 (bsc#1051510).\n- dmaengine: dma-jz4780: Further residue status fix (bsc#1051510).\n- dmaengine: ep93xx: Return proper enum in ep93xx_dma_chan_direction (bsc#1051510).\n- dmaengine: imx-sdma: fix use-after-free on probe error path (bsc#1051510).\n- dmaengine: rcar-dmac: set scatter/gather max segment size (bsc#1051510).\n- dmaengine: timb_dma: Use proper enum in td_prep_slave_sg (bsc#1051510).\n- docs: move protection-keys.rst to the core-api book (bsc#1078248).\n- docs: move protection-keys.rst to the core-api book (FATE#322447, bsc#1078248).\n- Documentation: debugfs: Document debugfs helper for unsigned long values (git-fixes).\n- Documentation: x86: convert protection-keys.txt to reST (bsc#1078248).\n- Documentation: x86: convert protection-keys.txt to reST (FATE#322447, bsc#1078248).\n- drm/amdgpu: fix bad DMA from INTERRUPT_CNTL2 (bsc#1111666).\n- drm/amd/powerplay: issue no PPSMC_MSG_GetCurrPkgPwr on unsupported (bsc#1113956)\n- drm/etnaviv: fix dumping of iommuv2 (bsc#1113722)\n- drm: fix module name in edid_firmware log message (bsc#1113956)\n- drm/i915: Do not dereference request if it may have been retired when (bsc#1142635)\n- drm/i915: Fix and improve MCR selection logic (bsc#1112178)\n- drm/i915/gvt: fix dropping obj reference twice (bsc#1111666).\n- drm/i915: Lock the engine while dumping the active request (bsc#1142635)\n- drm/i915/pmu: \u0027Frequency\u0027 is reported as accumulated cycles (bsc#1112178)\n- drm/i915: Reacquire priolist cache after dropping the engine lock (bsc#1129770)\n- drm/i915: Skip modeset for cdclk changes if possible (bsc#1156928).\n- drm/msm: fix memleak on release (bsc#1111666).\n- drm/omap: fix max fclk divider for omap36xx (bsc#1113722)\n- drm/radeon: fix bad DMA from INTERRUPT_CNTL2 (git-fixes).\n- drm/radeon: fix si_enable_smc_cac() failed issue (bsc#1113722)\n- Drop scsi-qla2xxx-Fix-memory-leak-when-sending-I-O-fails.patch This patch has introduces an double free. Upstream has dropped it from the scsi-queue before it hit mainline. So let\u0027s drop it as well.\n- e1000e: Drop unnecessary __E1000_DOWN bit twiddling (bsc#1158049).\n- e1000e: Use dev_get_drvdata where possible (bsc#1158049).\n- e1000e: Use rtnl_lock to prevent race conditions between net and pci/pm (bsc#1158049).\n- ecryptfs_lookup_interpose(): lower_dentry-\u003ed_inode is not stable (bsc#1158646).\n- ecryptfs_lookup_interpose(): lower_dentry-\u003ed_parent is not stable either (bsc#1158647).\n- EDAC/ghes: Fix locking and memory barrier issues (bsc#1114279). EDAC/ghes: Do not warn when incrementing refcount on 0 (bsc#1114279).\n- EDAC/ghes: Fix Use after free in ghes_edac remove path (bsc#1114279).\n- ext4: fix punch hole for inline_data file systems (bsc#1158640).\n- ext4: update direct I/O read lock pattern for IOCB_NOWAIT (bsc#1158639).\n- extcon: cht-wc: Return from default case to avoid warnings (bsc#1051510).\n- fbdev: sbuslib: integer overflow in sbusfb_ioctl_helper() (bsc#1051510).\n- fbdev: sbuslib: use checked version of put_user() (bsc#1051510).\n- ftrace: Introduce PERMANENT ftrace_ops flag (bsc#1120853).\n- gpiolib: acpi: Add Terra Pad 1061 to the run_edge_events_on_boot_blacklist (bsc#1051510).\n- gpio: mpc8xxx: Do not overwrite default irq_set_type callback (bsc#1051510).\n- gpio: syscon: Fix possible NULL ptr usage (bsc#1051510).\n- gsmi: Fix bug in append_to_eventlog sysfs handler (bsc#1051510).\n- HID: Add ASUS T100CHI keyboard dock battery quirks (bsc#1051510).\n- HID: Add quirk for Microsoft PIXART OEM mouse (bsc#1051510).\n- HID: asus: Add T100CHI bluetooth keyboard dock special keys mapping (bsc#1051510).\n- HID: Fix assumption that devices have inputs (git-fixes).\n- HID: wacom: generic: Treat serial number and related fields as unsigned (git-fixes).\n- hwmon: (ina3221) Fix INA3221_CONFIG_MODE macros (bsc#1051510).\n- hwmon: (pwm-fan) Silence error on probe deferral (bsc#1051510).\n- hwrng: omap3-rom - Call clk_disable_unprepare() on exit only if not idled (bsc#1051510).\n- hwrng: omap - Fix RNG wait loop timeout (bsc#1051510).\n- hypfs: Fix error number left in struct pointer member (bsc#1051510).\n- i2c: of: Try to find an I2C adapter matching the parent (bsc#1129770)\n- i40e: enable X710 support (bsc#1151067).\n- IB/mlx5: Free mpi in mp_slave mode (bsc#1103991).\n- IB/mlx5: Free mpi in mp_slave mode (bsc#1103991 FATE#326007).\n- IB/mlx5: Support MLX5_CMD_OP_QUERY_LAG as a DEVX general command (bsc#1103991).\n- IB/mlx5: Support MLX5_CMD_OP_QUERY_LAG as a DEVX general command (bsc#1103991 FATE#326007).\n- ibmvnic: Bound waits for device queries (bsc#1155689 ltc#182047).\n- ibmvnic: Fix completion structure initialization (bsc#1155689 ltc#182047).\n- ibmvnic: Serialize device queries (bsc#1155689 ltc#182047).\n- ibmvnic: Terminate waiting device threads after loss of service (bsc#1155689 ltc#182047).\n- ice: fix potential infinite loop because loop counter being too small (bsc#1118661).\n- ice: fix potential infinite loop because loop counter being too small (bsc#1118661 FATE#325277).\n- iio: adc: max9611: explicitly cast gain_selectors (bsc#1051510).\n- iio: adc: stm32-adc: fix stopping dma (git-fixes).\n- iio: dac: mcp4922: fix error handling in mcp4922_write_raw (bsc#1051510).\n- iio: imu: adis16480: assign bias value only if operation succeeded (git-fixes).\n- iio: imu: adis16480: make sure provided frequency is positive (git-fixes).\n- iio: imu: adis: assign read val in debugfs hook only if op successful (git-fixes).\n- iio: imu: adis: assign value only if return code zero in read funcs (git-fixes).\n- include/linux/bitrev.h: fix constant bitrev (bsc#1114279).\n- inet: stop leaking jiffies on the wire (networking-stable-19_11_05).\n- Input: ff-memless - kill timer in destroy() (bsc#1051510).\n- Input: silead - try firmware reload after unsuccessful resume (bsc#1051510).\n- Input: st1232 - set INPUT_PROP_DIRECT property (bsc#1051510).\n- Input: synaptics-rmi4 - clear IRQ enables for F54 (bsc#1051510).\n- Input: synaptics-rmi4 - destroy F54 poller workqueue when removing (bsc#1051510).\n- Input: synaptics-rmi4 - disable the relative position IRQ in the F12 driver (bsc#1051510).\n- Input: synaptics-rmi4 - do not consume more data than we have (F11, F12) (bsc#1051510).\n- Input: synaptics-rmi4 - fix video buffer size (git-fixes).\n- intel_th: Fix a double put_device() in error path (git-fixes).\n- iomap: Fix pipe page leakage during splicing (bsc#1158651).\n- iommu/vt-d: Fix QI_DEV_IOTLB_PFSID and QI_DEV_EIOTLB_PFSID macros (bsc#1158063).\n- ipmi:dmi: Ignore IPMI SMBIOS entries with a zero base address (bsc#1051510).\n- ipv4: Return -ENETUNREACH if we can\u0027t create route but saddr is valid (networking-stable-19_10_24).\n- irqdomain: Add the missing assignment of domain-\u003efwnode for named fwnode (bsc#1111666).\n- iwlwifi: api: annotate compressed BA notif array sizes (bsc#1051510).\n- iwlwifi: check kasprintf() return value (bsc#1051510).\n- iwlwifi: drop packets with bad status in CD (bsc#1111666).\n- iwlwifi: mvm: avoid sending too many BARs (bsc#1051510).\n- iwlwifi: mvm: do not send keys when entering D3 (bsc#1051510).\n- iwlwifi: mvm: use correct FIFO length (bsc#1111666).\n- iwlwifi: pcie: fit reclaim msg to MAX_MSG_LEN (bsc#1111666).\n- iwlwifi: pcie: read correct prph address for newer devices (bsc#1111666).\n- ixgbe: fix double clean of Tx descriptors with xdp (bsc#1113994 ).\n- ixgbe: fix double clean of Tx descriptors with xdp (bsc#1113994 FATE#326315 FATE#326317).\n- ixgbevf: Fix secpath usage for IPsec Tx offload (bsc#1113994 ).\n- ixgbevf: Fix secpath usage for IPsec Tx offload (bsc#1113994 FATE#326315 FATE#326317).\n- kABI: Fix for \u0027KVM: x86: Introduce vcpu-\u003earch.xsaves_enabled\u0027 (bsc#1158066).\n- kABI fixup alloc_dax_region (bsc#1158071).\n- kabi: s390: struct subchannel (git-fixes).\n- kABI workaround for ath10k hw_filter_reset_required field (bsc#1111666).\n- kABI workaround for ath10k last_wmi_vdev_start_status field (bsc#1051510).\n- kABI workaround for iwlwifi iwl_rx_cmd_buffer change (bsc#1111666).\n- kABI workaround for struct mwifiex_power_cfg change (bsc#1051510).\n- KVM: s390: fix __insn32_query() inline assembly (git-fixes).\n- KVM: s390: vsie: Do not shadow CRYCB when no AP and no keys (git-fixes).\n- KVM: s390: vsie: Return correct values for Invalid CRYCB format (git-fixes).\n- KVM: SVM: Guard against DEACTIVATE when performing WBINVD/DF_FLUSH (bsc#1114279).\n- KVM: SVM: Serialize access to the SEV ASID bitmap (bsc#1114279).\n- KVM: VMX: Consider PID.PIR to determine if vCPU has pending interrupts (bsc#1158064).\n- KVM: VMX: Fix conditions for guest IA32_XSS support (bsc#1158065).\n- KVM: x86: Introduce vcpu-\u003earch.xsaves_enabled (bsc#1158066).\n- KVM: x86/mmu: Take slots_lock when using kvm_mmu_zap_all_fast() (bsc#1158067).\n- libnvdimm: Export the target_node attribute for regions and namespaces (bsc#1158071).\n- lib/scatterlist: Fix chaining support in sgl_alloc_order() (git-fixes).\n- lib/scatterlist: Introduce sgl_alloc() and sgl_free() (git-fixes).\n- liquidio: fix race condition in instruction completion processing (bsc#1051510).\n- livepatch: Allow to distinguish different version of system state changes (bsc#1071995).\n- livepatch: Allow to distinguish different version of system state changes (bsc#1071995 fate#323487).\n- livepatch: Basic API to track system state changes (bsc#1071995 ).\n- livepatch: Basic API to track system state changes (bsc#1071995 fate#323487).\n- livepatch: Keep replaced patches until post_patch callback is called (bsc#1071995).\n- livepatch: Keep replaced patches until post_patch callback is called (bsc#1071995 fate#323487).\n- livepatch: Selftests of the API for tracking system state changes (bsc#1071995).\n- livepatch: Selftests of the API for tracking system state changes (bsc#1071995 fate#323487).\n- loop: add ioctl for changing logical block size (bsc#1108043).\n- loop: fix no-unmap write-zeroes request behavior (bsc#1158637).\n- lpfc: size cpu map by last cpu id set (bsc#1157160).\n- mac80211: consider QoS Null frames for STA_NULLFUNC_ACKED (bsc#1051510).\n- mac80211: minstrel: fix CCK rate group streams value (bsc#1051510).\n- mac80211: minstrel: fix sampling/reporting of CCK rates in HT mode (bsc#1051510).\n- macvlan: schedule bc_work even if error (bsc#1051510).\n- mailbox: reset txdone_method TXDONE_BY_POLL if client knows_txdone (git-fixes).\n- media: au0828: Fix incorrect error messages (bsc#1051510).\n- media: bdisp: fix memleak on release (git-fixes).\n- media: cxusb: detect cxusb_ctrl_msg error in query (bsc#1051510).\n- media: davinci: Fix implicit enum conversion warning (bsc#1051510).\n- media: exynos4-is: Fix recursive locking in isp_video_release() (git-fixes).\n- media: fix: media: pci: meye: validate offset to avoid arbitrary access (bsc#1051510).\n- media: flexcop-usb: ensure -EIO is returned on error condition (git-fixes).\n- media: imon: invalid dereference in imon_touch_event (bsc#1051510).\n- media: isif: fix a NULL pointer dereference bug (bsc#1051510).\n- media: pci: ivtv: Fix a sleep-in-atomic-context bug in ivtv_yuv_init() (bsc#1051510).\n- media: pxa_camera: Fix check for pdev-\u003edev.of_node (bsc#1051510).\n- media: radio: wl1273: fix interrupt masking on release (git-fixes).\n- media: ti-vpe: vpe: Fix Motion Vector vpdma stride (git-fixes).\n- media: usbvision: Fix races among open, close, and disconnect (bsc#1051510).\n- media: vim2m: Fix abort issue (git-fixes).\n- media: vivid: Set vid_cap_streaming and vid_out_streaming to true (bsc#1051510).\n- mei: fix modalias documentation (git-fixes).\n- mei: samples: fix a signedness bug in amt_host_if_call() (bsc#1051510).\n- mfd: intel-lpss: Add default I2C device properties for Gemini Lake (bsc#1051510).\n- mfd: max8997: Enale irq-wakeup unconditionally (bsc#1051510).\n- mfd: mc13xxx-core: Fix PMIC shutdown when reading ADC values (bsc#1051510).\n- mfd: palmas: Assign the right powerhold mask for tps65917 (git-fixes).\n- mfd: ti_am335x_tscadc: Keep ADC interface on if child is wakeup capable (bsc#1051510).\n- mISDN: Fix type of switch control variable in ctrl_teimanager (bsc#1051510).\n- mlx5: add parameter to disable enhanced IPoIB (bsc#1142095)\n- mlx5: add parameter to disable enhanced IPoIB (bsc#1142095) Fix badly backported patch\n- mlxsw: spectrum_flower: Fail in case user specifies multiple mirror actions (bsc#1112374).\n- mmc: core: fix wl1251 sdio quirks (git-fixes).\n- mmc: host: omap_hsmmc: add code for special init of wl1251 to get rid of pandora_wl1251_init_card (git-fixes).\n- mmc: mediatek: fix cannot receive new request when msdc_cmd_is_ready fail (bsc#1051510).\n- mm/compaction.c: clear total_{migrate,free}_scanned before scanning a new zone (git fixes (mm/compaction)).\n- mmc: sdhci-esdhc-imx: correct the fix of ERR004536 (git-fixes).\n- mmc: sdhci-of-at91: fix quirk2 overwrite (git-fixes).\n- mmc: sdio: fix wl1251 vendor id (git-fixes).\n- mm/debug.c: PageAnon() is true for PageKsm() pages (git fixes (mm/debug)).\n- mm, thp: Do not make page table dirty unconditionally in touch_p[mu]d() (git fixes (mm/gup)).\n- mt7601u: fix bbp version check in mt7601u_wait_bbp_ready (bsc#1051510).\n- mt76x0: init hw capabilities.\n- mtd: nand: mtk: fix incorrect register setting order about ecc irq.\n- mtd: spear_smi: Fix Write Burst mode (bsc#1051510).\n- mtd: spi-nor: fix silent truncation in spi_nor_read() (bsc#1051510).\n- mwifex: free rx_cmd skb in suspended state (bsc#1111666).\n- mwifiex: do no submit URB in suspended state (bsc#1111666).\n- mwifiex: Fix NL80211_TX_POWER_LIMITED (bsc#1051510).\n- nbd: prevent memory leak (bsc#1158638).\n- net: add READ_ONCE() annotation in __skb_wait_for_more_packets() (networking-stable-19_11_05).\n- net: add skb_queue_empty_lockless() (networking-stable-19_11_05).\n- net: annotate accesses to sk-\u003esk_incoming_cpu (networking-stable-19_11_05).\n- net: annotate lockless accesses to sk-\u003esk_napi_id (networking-stable-19_11_05).\n- net: avoid potential infinite loop in tc_ctl_action() (networking-stable-19_10_24).\n- net: bcmgenet: Fix RGMII_MODE_EN value for GENET v1/2/3 (networking-stable-19_10_24).\n- net: bcmgenet: reset 40nm EPHY on energy detect (networking-stable-19_11_05).\n- net: bcmgenet: Set phydev-\u003edev_flags only for internal PHYs (networking-stable-19_10_24).\n- net: dsa: b53: Do not clear existing mirrored port mask (networking-stable-19_11_05).\n- net: dsa: bcm_sf2: Fix IMP setup for port different than 8 (networking-stable-19_11_05).\n- net: dsa: fix switch tree list (networking-stable-19_11_05).\n- net: ethernet: ftgmac100: Fix DMA coherency issue with SW checksum (networking-stable-19_11_05).\n- net: fix sk_page_frag() recursion from memory reclaim (networking-stable-19_11_05).\n- net: hisilicon: Fix ping latency when deal with high throughput (networking-stable-19_11_05).\n- net: hns3: change GFP flag during lock period (bsc#1104353 ).\n- net: hns3: change GFP flag during lock period (bsc#1104353 FATE#326415).\n- net: hns3: do not query unsupported commands in debugfs (bsc#1104353).\n- net: hns3: do not query unsupported commands in debugfs (bsc#1104353 FATE#326415).\n- net: hns3: fix GFP flag error in hclge_mac_update_stats() (bsc#1126390).\n- net: hns3: fix some reset handshake issue (bsc#1104353 ).\n- net: hns3: fix some reset handshake issue (bsc#1104353 FATE#326415).\n- net: hns3: prevent unnecessary MAC TNL interrupt (bsc#1104353 bsc#1134983).\n- net: hns3: prevent unnecessary MAC TNL interrupt (bsc#1104353 FATE#326415 bsc#1134983).\n- net: hns: Fix the stray netpoll locks causing deadlock in NAPI path (bsc#1104353).\n- net: hns: Fix the stray netpoll locks causing deadlock in NAPI path (bsc#1104353 FATE#326415).\n- net/ibmvnic: Ignore H_FUNCTION return from H_EOI to tolerate XIVE mode (bsc#1089644, ltc#166495, ltc#165544, git-fixes).\n- net/mlx4_core: Dynamically set guaranteed amount of counters per VF (networking-stable-19_11_05).\n- net/mlx5e: Fix eswitch debug print of max fdb flow (bsc#1103990 ).\n- net/mlx5e: Fix eswitch debug print of max fdb flow (bsc#1103990 FATE#326006).\n- net/mlx5e: Fix ethtool self test: link speed (bsc#1103990 ).\n- net/mlx5e: Fix ethtool self test: link speed (bsc#1103990 FATE#326006).\n- net/mlx5e: Fix handling of compressed CQEs in case of low NAPI budget (networking-stable-19_11_05).\n- net/mlx5e: Print a warning when LRO feature is dropped or not allowed (bsc#1103990).\n- net/mlx5e: Print a warning when LRO feature is dropped or not allowed (bsc#1103990 FATE#326006).\n- net/mlx5: FWTrace, Reduce stack usage (bsc#1103990).\n- net/mlx5: FWTrace, Reduce stack usage (bsc#1103990 FATE#326006).\n- netns: fix GFP flags in rtnl_net_notifyid() (networking-stable-19_11_05).\n- net: phy: bcm7xxx: define soft_reset for 40nm EPHY (bsc#1119113 ).\n- net: phy: bcm7xxx: define soft_reset for 40nm EPHY (bsc#1119113 FATE#326472).\n- net: phylink: Fix flow control resolution (bsc#1119113 ).\n- net: phylink: Fix flow control resolution (bsc#1119113 FATE#326472).\n- net: sched: cbs: Avoid division by zero when calculating the port rate (bsc#1109837).\n- net/sched: cbs: Fix not adding cbs instance to list (bsc#1109837).\n- net/sched: cbs: Set default link speed to 10 Mbps in cbs_set_port_rate (bsc#1109837).\n- net: sched: fix possible crash in tcf_action_destroy() (bsc#1109837).\n- net: sched: fix reordering issues (bsc#1109837).\n- net/smc: avoid fallback in case of non-blocking connect (git-fixes).\n- net/smc: do not schedule tx_work in SMC_CLOSED state (git-fixes).\n- net/smc: fix closing of fallback SMC sockets (git-fixes).\n- net/smc: Fix error path in smc_init (git-fixes).\n- net/smc: fix ethernet interface refcounting (git-fixes).\n- net/smc: fix fastopen for non-blocking connect() (git-fixes).\n- net/smc: fix refcounting for non-blocking connect() (git-fixes).\n- net/smc: fix refcount non-blocking connect() -part 2 (git-fixes).\n- net/smc: fix SMCD link group creation with VLAN id (git-fixes).\n- net/smc: keep vlan_id for SMC-R in smc_listen_work() (git-fixes).\n- net/smc: original socket family in inet_sock_diag (git-fixes).\n- net: sock_map, fix missing ulp check in sock hash case (bsc#1109837).\n- net: stmmac: disable/enable ptp_ref_clk in suspend/resume flow (networking-stable-19_10_24).\n- net: use skb_queue_empty_lockless() in busy poll contexts (networking-stable-19_11_05).\n- net: use skb_queue_empty_lockless() in poll() handlers (networking-stable-19_11_05).\n- net: wireless: ti: remove local VENDOR_ID and DEVICE_ID definitions (git-fixes).\n- net: wireless: ti: wl1251 use new SDIO_VENDOR_ID_TI_WL1251 definition (git-fixes).\n- net: Zeroing the structure ethtool_wolinfo in ethtool_get_wol() (networking-stable-19_11_05).\n- nfc: netlink: fix double device reference drop (git-fixes).\n- NFC: nxp-nci: Fix NULL pointer dereference after I2C communication error (git-fixes).\n- nfc: port100: handle command failure cleanly (git-fixes).\n- nfp: flower: fix memory leak in nfp_flower_spawn_vnic_reprs (bsc#1109837).\n- nfp: flower: prevent memory leak in nfp_flower_spawn_phy_reprs (bsc#1109837).\n- nl80211: Fix a GET_KEY reply attribute (bsc#1051510).\n- nvme-tcp: support C2HData with SUCCESS flag (bsc#1157386).\n- ocfs2: fix panic due to ocfs2_wq is null (bsc#1158644).\n- ocfs2: fix passing zero to \u0027PTR_ERR\u0027 warning (bsc#1158649).\n- openvswitch: fix flow command message size (git-fixes).\n- padata: use smp_mb in padata_reorder to avoid orphaned padata jobs (git-fixes).\n- PCI/ACPI: Correct error message for ASPM disabling (bsc#1051510).\n- PCI: Apply Cavium ACS quirk to ThunderX2 and ThunderX3 (bsc#1051510).\n- PCI: dwc: Fix find_next_bit() usage (bsc#1051510).\n- PCI: Fix Intel ACS quirk UPDCR register address (bsc#1051510).\n- PCI/MSI: Fix incorrect MSI-X masking on resume (bsc#1051510).\n- PCI: pciehp: Do not disable interrupt twice on suspend (bsc#1111666).\n- PCI/PM: Clear PCIe PME Status even for legacy power management (bsc#1111666).\n- PCI/PME: Fix possible use-after-free on remove (git-fixes).\n- PCI/PTM: Remove spurious \u0027d\u0027 from granularity message (bsc#1051510).\n- PCI: rcar: Fix missing MACCTLR register setting in initialization sequence (bsc#1051510).\n- PCI: sysfs: Ignore lockdep for remove attribute (git-fixes).\n- PCI: tegra: Enable Relaxed Ordering only for Tegra20 \u0026 Tegra30 (git-fixes).\n- perf/x86/amd: Change/fix NMI latency mitigation to use a timestamp (bsc#1142924).\n- phy: phy-twl4030-usb: fix denied runtime access (git-fixes).\n- pinctl: ti: iodelay: fix error checking on pinctrl_count_index_with_args call (git-fixes).\n- pinctrl: at91: do not use the same irqchip with multiple gpiochips (git-fixes).\n- pinctrl: cherryview: Allocate IRQ chip dynamic (git-fixes).\n- pinctrl: lewisburg: Update pin list according to v1.1v6 (bsc#1051510).\n- pinctrl: lpc18xx: Use define directive for PIN_CONFIG_GPIO_PIN_INT (bsc#1051510).\n- pinctrl: qcom: spmi-gpio: fix gpio-hog related boot issues (bsc#1051510).\n- pinctrl: samsung: Fix device node refcount leaks in init code (bsc#1051510).\n- pinctrl: samsung: Fix device node refcount leaks in S3C24xx wakeup controller init (bsc#1051510).\n- pinctrl: samsung: Fix device node refcount leaks in S3C64xx wakeup controller init (bsc#1051510).\n- pinctrl: sunxi: Fix a memory leak in \u0027sunxi_pinctrl_build_state()\u0027 (bsc#1051510).\n- pinctrl: zynq: Use define directive for PIN_CONFIG_IO_STANDARD (bsc#1051510).\n- PM / devfreq: Check NULL governor in available_governors_show (git-fixes).\n- PM / devfreq: exynos-bus: Correct clock enable sequence (bsc#1051510).\n- PM / devfreq: Lock devfreq in trans_stat_show (git-fixes).\n- PM / devfreq: passive: fix compiler warning (bsc#1051510).\n- PM / devfreq: passive: Use non-devm notifiers (bsc#1051510).\n- PM / hibernate: Check the success of generating md5 digest before hibernation (bsc#1051510).\n- powerpc/64: Make meltdown reporting Book3S 64 specific (bsc#1091041).\n- powerpc/book3s64/hash: Use secondary hash for bolted mapping if the primary is full (bsc#1157778 ltc#182520).\n- powerpc/bpf: Fix tail call implementation (bsc#1157698).\n- powerpc/pseries: address checkpatch warnings in dlpar_offline_cpu (bsc#1156700 ltc#182459).\n- powerpc/pseries: Do not fail hash page table insert for bolted mapping (bsc#1157778 ltc#182520).\n- powerpc/pseries: Do not opencode HPTE_V_BOLTED (bsc#1157778 ltc#182520).\n- powerpc/pseries: safely roll back failed DLPAR cpu add (bsc#1156700 ltc#182459).\n- powerpc/security/book3s64: Report L1TF status in sysfs (bsc#1091041).\n- powerpc/security: Fix wrong message when RFI Flush is disable (bsc#1131107).\n- powerpc/xive: Prevent page fault issues in the machine crash handler (bsc#1156882 ltc#182435).\n- power: reset: at91-poweroff: do not procede if at91_shdwc is allocated (bsc#1051510).\n- power: supply: ab8500_fg: silence uninitialized variable warnings (bsc#1051510).\n- power: supply: twl4030_charger: disable eoc interrupt on linear charge (bsc#1051510).\n- power: supply: twl4030_charger: fix charging current out-of-bounds (bsc#1051510).\n- ppdev: fix PPGETTIME/PPSETTIME ioctls (bsc#1051510).\n- printk: Export console_printk (bsc#1071995).\n- printk: Export console_printk (bsc#1071995 fate#323487).\n- pwm: bcm-iproc: Prevent unloading the driver module while in use (git-fixes).\n- pwm: lpss: Only set update bit if we are actually changing the settings (bsc#1051510).\n- qxl: fix null-pointer crash during suspend (bsc#1111666).\n- r8152: add device id for Lenovo ThinkPad USB-C Dock Gen 2 (networking-stable-19_11_05).\n- RDMA/bnxt_re: Fix stat push into dma buffer on gen p5 devices (bsc#1157115)\n- RDMA/efa: Clear the admin command buffer prior to its submission (git-fixes) Patch was already picked through Amazon driver repo but was not marked with a Git-commit tag\n- RDMA/hns: Fix comparison of unsigned long variable \u0027end\u0027 with less than zero (bsc#1104427 bsc#1137236).\n- RDMA/hns: Fix comparison of unsigned long variable \u0027end\u0027 with less than zero (bsc#1104427 FATE#326416 bsc#1137236).\n- RDMA/hns: Fix wrong assignment of qp_access_flags (bsc#1104427 ).\n- RDMA/hns: Fix wrong assignment of qp_access_flags (bsc#1104427 FATE#326416).\n- regulator: ab8500: Remove AB8505 USB regulator (bsc#1051510).\n- regulator: ab8500: Remove SYSCLKREQ from enum ab8505_regulator_id (bsc#1051510).\n- remoteproc: Check for NULL firmwares in sysfs interface (git-fixes).\n- Remove patches that reportedly cause regression (bsc#1155689 ltc#182047).\n- reset: fix of_reset_simple_xlate kerneldoc comment (bsc#1051510).\n- reset: Fix potential use-after-free in __of_reset_control_get() (bsc#1051510).\n- reset: fix reset_control_get_exclusive kerneldoc comment (bsc#1051510).\n- Revert \u0027drm/etnaviv: fix dumping of iommuv2 (bsc#1113722)\u0027 This reverts commit 71e3a1b8d8cf73f711f3e4100aa51f68e631f94f. ATM the backported patch does not build on x86.\n- rpm/kernel-binary.spec.in: add COMPRESS_VMLINUX (bnc#1155921) Let COMPRESS_VMLINUX determine the compression used for vmlinux. By default (historically), it is gz.\n- rpm/kernel-source.spec.in: Fix dependency of kernel-devel (bsc#1154043)\n- rt2800: remove errornous duplicate condition (git-fixes).\n- rtl8187: Fix warning generated when strncpy() destination length matches the sixe argument (bsc#1051510).\n- rtlwifi: btcoex: Use proper enumerated types for Wi-Fi only interface (bsc#1111666).\n- rtlwifi: Remove unnecessary NULL check in rtl_regd_init (bsc#1051510).\n- rtlwifi: rtl8192de: Fix misleading REG_MCUFWDL information (bsc#1051510).\n- rtlwifi: rtl8192de: Fix missing code to retrieve RX buffer address (bsc#1051510).\n- rtlwifi: rtl8192de: Fix missing enable interrupt flag (bsc#1051510).\n- s390/bpf: fix lcgr instruction encoding (bsc#1051510).\n- s390/bpf: use 32-bit index for tail calls (bsc#1051510).\n- s390/cio: avoid calling strlen on null pointer (bsc#1051510).\n- s390/cio: exclude subchannels with no parent from pseudo check (bsc#1051510).\n- s390/cio: fix virtio-ccw DMA without PV (git-fixes).\n- s390/cmm: fix information leak in cmm_timeout_handler() (bsc#1051510).\n- s390: fix stfle zero padding (bsc#1051510).\n- s390/idle: fix cpu idle time calculation (bsc#1051510).\n- s390/mm: properly clear _PAGE_NOEXEC bit when it is not supported (bsc#1051510).\n- s390/process: avoid potential reading of freed stack (bsc#1051510).\n- s390/qdio: do not touch the dsci in tiqdio_add_input_queues() (bsc#1051510).\n- s390/qdio: (re-)initialize tiqdio list entries (bsc#1051510).\n- s390/qeth: return proper errno on IO error (bsc#1051510).\n- s390/setup: fix boot crash for machine without EDAT-1 (bsc#1051510 bsc#1140948).\n- s390/setup: fix early warning messages (bsc#1051510 bsc#1140948).\n- s390/topology: avoid firing events before kobjs are created (bsc#1051510).\n- s390: vsie: Use effective CRYCBD.31 to check CRYCBD validity (git-fixes).\n- s390/zcrypt: fix memleak at release (git-fixes).\n- scsi: lpfc: Add enablement of multiple adapter dumps (bsc#1154601).\n- scsi: lpfc: Add registration for CPU Offline/Online events (bsc#1154601).\n- scsi: lpfc: Change default IRQ model on AMD architectures (bsc#1154601).\n- scsi: lpfc: Clarify FAWNN error message (bsc#1154601).\n- scsi: lpfc: Fix a kernel warning triggered by lpfc_get_sgl_per_hdwq() (bsc#1154601).\n- scsi: lpfc: Fix a kernel warning triggered by lpfc_sli4_enable_intr() (bsc#1154601).\n- scsi: lpfc: fix build error of lpfc_debugfs.c for vfree/vmalloc (bsc#1154601).\n- scsi: lpfc: Fix configuration of BB credit recovery in service parameters (bsc#1154601).\n- scsi: lpfc: fix: Coverity: lpfc_cmpl_els_rsp(): Null pointer dereferences (bsc#1154601).\n- scsi: lpfc: fix: Coverity: lpfc_get_scsi_buf_s3(): Null pointer dereferences (bsc#1154601).\n- scsi: lpfc: Fix duplicate unreg_rpi error in port offline flow (bsc#1154601).\n- scsi: lpfc: Fix dynamic fw log enablement check (bsc#1154601).\n- scsi: lpfc: fix inlining of lpfc_sli4_cleanup_poll_list() (bsc#1154601).\n- scsi: lpfc: Fix kernel crash at lpfc_nvme_info_show during remote port bounce (bsc#1154601).\n- scsi: lpfc: Fix lpfc_cpumask_of_node_init() (bsc#1154601).\n- scsi: lpfc: Fix NULL check before mempool_destroy is not needed (bsc#1154601).\n- scsi: lpfc: Fix Oops in nvme_register with target logout/login (bsc#1151900).\n- scsi: lpfc: fix spelling error in MAGIC_NUMER_xxx (bsc#1154601).\n- scsi: lpfc: Fix unexpected error messages during RSCN handling (bsc#1154601).\n- scsi: lpfc: Honor module parameter lpfc_use_adisc (bsc#1153628).\n- scsi: lpfc: Honor module parameter lpfc_use_adisc (bsc#1154601).\n- scsi: lpfc: Initialize cpu_map for not present cpus (bsc#1154601).\n- scsi: lpfc: lpfc_attr: Fix Use plain integer as NULL pointer (bsc#1154601).\n- scsi: lpfc: lpfc_nvmet: Fix Use plain integer as NULL pointer (bsc#1154601).\n- scsi: lpfc: Make lpfc_debugfs_ras_log_data static (bsc#1154601).\n- scsi: lpfc: Mitigate high memory pre-allocation by SCSI-MQ (bsc#1154601).\n- scsi: lpfc: Raise config max for lpfc_fcp_mq_threshold variable (bsc#1154601).\n- scsi: lpfc: revise nvme max queues to be hdwq count (bsc#1154601).\n- scsi: lpfc: Sync with FC-NVMe-2 SLER change to require Conf with SLER (bsc#1154601).\n- scsi: lpfc: Update lpfc version to 12.6.0.1 (bsc#1154601).\n- scsi: lpfc: Update lpfc version to 12.6.0.2 (bsc#1154601).\n- scsi: lpfc: use hdwq assigned cpu for allocation (bsc#1157160).\n- scsi: qla2xxx: Add debug dump of LOGO payload and ELS IOCB (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).\n- scsi: qla2xxx: Allow PLOGI in target mode (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).\n- scsi: qla2xxx: Change discovery state before PLOGI (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).\n- scsi: qla2xxx: Configure local loop for N2N target (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).\n- scsi: qla2xxx: Do not call qlt_async_event twice (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).\n- scsi: qla2xxx: Do not defer relogin unconditonally (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).\n- scsi: qla2xxx: Drop superfluous INIT_WORK of del_work (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).\n- scsi: qla2xxx: Fix PLOGI payload and ELS IOCB dump length (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).\n- scsi: qla2xxx: Fix qla2x00_request_irqs() for MSI (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).\n- scsi: qla2xxx: fix rports not being mark as lost in sync fabric scan (bsc#1138039).\n- scsi: qla2xxx: Ignore NULL pointer in tcm_qla2xxx_free_mcmd (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).\n- scsi: qla2xxx: Ignore PORT UPDATE after N2N PLOGI (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).\n- scsi: qla2xxx: Initialize free_work before flushing it (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).\n- scsi: qla2xxx: Send Notify ACK after N2N PLOGI (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).\n- scsi: qla2xxx: unregister ports after GPN_FT failure (bsc#1138039).\n- scsi: qla2xxx: Use correct number of vectors for online CPUs (bsc#1137223).\n- scsi: qla2xxx: Use explicit LOGO in target mode (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).\n- scsi: zfcp: fix request object use-after-free in send path causing wrong traces (bsc#1051510).\n- sctp: change sctp_prot .no_autobind with true (networking-stable-19_10_24).\n- sctp: fix SCTP regression (bsc#1158082) (networking-stable-19_10_24 bsc#1158082).\n- selftests: net: reuseport_dualstack: fix uninitalized parameter (networking-stable-19_11_05).\n- serial: mxs-auart: Fix potential infinite loop (bsc#1051510).\n- serial: samsung: Enable baud clock for UART reset procedure in resume (bsc#1051510).\n- serial: uartps: Fix suspend functionality (bsc#1051510).\n- signal: Properly set TRACE_SIGNAL_LOSE_INFO in __send_signal (bsc#1157463).\n- slcan: Fix memory leak in error path (bsc#1051510).\n- slip: Fix memory leak in slip_open error path (bsc#1051510).\n- slip: Fix use-after-free Read in slip_open (bsc#1051510).\n- smb3: fix leak in \u0027open on server\u0027 perf counter (bsc#1144333, bsc#1154355).\n- smb3: fix signing verification of large reads (bsc#1144333, bsc#1154355).\n- smb3: fix unmount hang in open_shroot (bsc#1144333, bsc#1154355).\n- smb3: improve handling of share deleted (and share recreated) (bsc#1144333, bsc#1154355).\n- smb3: Incorrect size for netname negotiate context (bsc#1144333, bsc#1154355).\n- soc: imx: gpc: fix PDN delay (bsc#1051510).\n- soc: qcom: wcnss_ctrl: Avoid string overflow (bsc#1051510).\n- Sort series.conf.\n- spi: atmel: Fix CS high support (bsc#1051510).\n- spi: atmel: fix handling of cs_change set on non-last xfer (bsc#1051510).\n- spi: fsl-lpspi: Prevent FIFO under/overrun by default (bsc#1051510).\n- spi: mediatek: Do not modify spi_transfer when transfer (bsc#1051510).\n- spi: mediatek: use correct mata-\u003exfer_len when in fifo transfer (bsc#1051510).\n- spi: pic32: Use proper enum in dmaengine_prep_slave_rg (bsc#1051510).\n- spi: rockchip: initialize dma_slave_config properly (bsc#1051510).\n- spi: spidev: Fix OF tree warning logic (bsc#1051510).\n- supported.conf:\n- synclink_gt(): fix compat_ioctl() (bsc#1051510).\n- tcp_nv: fix potential integer overflow in tcpnv_acked (bsc#1051510).\n- thunderbolt: Fix lockdep circular locking depedency warning (git-fixes).\n- tipc: Avoid copying bytes beyond the supplied data (bsc#1051510).\n- tipc: check bearer name with right length in tipc_nl_compat_bearer_enable (bsc#1051510).\n- tipc: check link name with right length in tipc_nl_compat_link_set (bsc#1051510).\n- tipc: check msg-\u003ereq data len in tipc_nl_compat_bearer_disable (bsc#1051510).\n- tipc: compat: allow tipc commands without arguments (bsc#1051510).\n- tipc: fix tipc_mon_delete() oops in tipc_enable_bearer() error path (bsc#1051510).\n- tipc: fix wrong timeout input for tipc_wait_for_cond() (bsc#1051510).\n- tipc: handle the err returned from cmd header function (bsc#1051510).\n- tipc: pass tunnel dev as NULL to udp_tunnel(6)_xmit_skb (bsc#1051510).\n- tipc: tipc clang warning (bsc#1051510).\n- tools: bpftool: fix arguments for p_err() in do_event_pipe() (bsc#1109837).\n- tools/power/x86/intel-speed-select: Fix a read overflow in isst_set_tdp_level_msr() (bsc#1111666).\n- tpm: add check after commands attribs tab allocation (bsc#1051510).\n- tty: serial: fsl_lpuart: use the sg count from dma_map_sg (bsc#1051510).\n- tty: serial: imx: use the sg count from dma_map_sg (bsc#1051510).\n- tty: serial: msm_serial: Fix flow control (bsc#1051510).\n- tty: serial: pch_uart: correct usage of dma_unmap_sg (bsc#1051510).\n- tun: fix data-race in gro_normal_list() (bsc#1111666).\n- UAS: Revert commit 3ae62a42090f (\u0027UAS: fix alignment of scatter/gather segments\u0027).\n- ubifs: Correctly initialize c-\u003emin_log_bytes (bsc#1158641).\n- ubifs: Limit the number of pages in shrink_liability (bsc#1158643).\n- udp: use skb_queue_empty_lockless() (networking-stable-19_11_05).\n- Update patches.suse/ipv6-defrag-drop-non-last-frags-smaller-than-min-mtu.patch (add bsc#1141054).\n- Update patches.suse/RDMA-Fix-goto-target-to-release-the-allocated-memory.patch (bsc#1050244 FATE#322915 bsc#1157171 CVE-2019-19077).\n- USB: chaoskey: fix error case of a timeout (git-fixes).\n- usb: chipidea: Fix otg event handler (bsc#1051510).\n- usb: chipidea: imx: enable OTG overcurrent in case USB subsystem is already started (bsc#1051510).\n- usb: dwc3: gadget: Check ENBLSLPM before sending ep command (bsc#1051510).\n- usb: gadget: udc: fotg210-udc: Fix a sleep-in-atomic-context bug in fotg210_get_status() (bsc#1051510).\n- usb: gadget: uvc: configfs: Drop leaked references to config items (bsc#1051510).\n- usb: gadget: uvc: configfs: Prevent format changes after linking header (bsc#1051510).\n- usb: gadget: uvc: Factor out video USB request queueing (bsc#1051510).\n- usb: gadget: uvc: Only halt video streaming endpoint in bulk mode (bsc#1051510).\n- USBIP: add config dependency for SGL_ALLOC (git-fixes).\n- usbip: Fix free of unallocated memory in vhci tx (git-fixes).\n- usbip: Fix vhci_urb_enqueue() URB null transfer buffer error path (git-fixes).\n- usbip: Implement SG support to vhci-hcd and stub driver (git-fixes).\n- usbip: tools: fix fd leakage in the function of read_attr_usbip_status (git-fixes).\n- USB: misc: appledisplay: fix backlight update_status return code (bsc#1051510).\n- usb-serial: cp201x: support Mark-10 digital force gauge (bsc#1051510).\n- USB: serial: mos7720: fix remote wakeup (git-fixes).\n- USB: serial: mos7840: add USB ID to support Moxa UPort 2210 (bsc#1051510).\n- USB: serial: mos7840: fix remote wakeup (git-fixes).\n- USB: serial: option: add support for DW5821e with eSIM support (bsc#1051510).\n- USB: serial: option: add support for Foxconn T77W968 LTE modules (bsc#1051510).\n- usb: xhci-mtk: fix ISOC error when interval is zero (bsc#1051510).\n- vfio-ccw: Fix misleading comment when setting orb.cmd.c64 (bsc#1051510).\n- vfio: ccw: push down unsupported IDA check (bsc#1156471 LTC#182362).\n- vfio-ccw: Set pa_nr to 0 if memory allocation fails for pa_iova_pfn (bsc#1051510).\n- video/hdmi: Fix AVI bar unpack (git-fixes).\n- virtio_console: allocate inbufs in add_port() only if it is needed (git-fixes).\n- virtio_ring: fix return code on DMA mapping fails (git-fixes).\n- virtio/s390: fix race on airq_areas (bsc#1051510).\n- vmxnet3: turn off lro when rxcsum is disabled (bsc#1157499).\n- vsock/virtio: fix sock refcnt holding during the shutdown (git-fixes).\n- watchdog: meson: Fix the wrong value of left time (bsc#1051510).\n- wil6210: drop Rx multicast packets that are looped-back to STA (bsc#1111666).\n- wil6210: fix debugfs memory access alignment (bsc#1111666).\n- wil6210: fix invalid memory access for rx_buff_mgmt debugfs (bsc#1111666).\n- wil6210: fix L2 RX status handling (bsc#1111666).\n- wil6210: fix locking in wmi_call (bsc#1111666).\n- wil6210: fix RGF_CAF_ICR address for Talyn-MB (bsc#1111666).\n- wil6210: prevent usage of tx ring 0 for eDMA (bsc#1111666).\n- wil6210: set edma variables only for Talyn-MB devices (bsc#1111666).\n- x86/alternatives: Add int3_emulate_call() selftest (bsc#1153811).\n- x86/alternatives: Fix int3_emulate_call() selftest stack corruption (bsc#1153811).\n- x86/mm/pkeys: Fix typo in Documentation/x86/protection-keys.txt (bsc#1078248).\n- x86/mm/pkeys: Fix typo in Documentation/x86/protection-keys.txt (FATE#322447, bsc#1078248).\n- x86/pkeys: Update documentation about availability (bsc#1078248).\n- x86/pkeys: Update documentation about availability (FATE#322447, bsc#1078248).\n- x86/resctrl: Fix potential lockdep warning (bsc#1114279).\n- x86/resctrl: Prevent NULL pointer dereference when reading mondata (bsc#1114279).\n- x86/speculation/taa: Fix printing of TAA_MSG_SMT on IBRS_ALL CPUs (bsc#1158068).\n- xfrm: fix sa selector validation (bsc#1156609).\n- xfrm: Fix xfrm sel prefix length validation (git-fixes).\n- xfs: Sanity check flags of Q_XQUOTARM call (bsc#1158652).\n- xsk: Fix registration of Rx-only sockets (bsc#1109837).\n- xsk: relax UMEM headroom alignment (bsc#1109837).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2019-2675",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2019_2675-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2019:2675-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ETQRKHU2REMA5EANI2CSGTNBUHZHYU3W/#ETQRKHU2REMA5EANI2CSGTNBUHZHYU3W"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2019:2675-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ETQRKHU2REMA5EANI2CSGTNBUHZHYU3W/#ETQRKHU2REMA5EANI2CSGTNBUHZHYU3W"
},
{
"category": "self",
"summary": "SUSE Bug 1051510",
"url": "https://bugzilla.suse.com/1051510"
},
{
"category": "self",
"summary": "SUSE Bug 1071995",
"url": "https://bugzilla.suse.com/1071995"
},
{
"category": "self",
"summary": "SUSE Bug 1078248",
"url": "https://bugzilla.suse.com/1078248"
},
{
"category": "self",
"summary": "SUSE Bug 1089644",
"url": "https://bugzilla.suse.com/1089644"
},
{
"category": "self",
"summary": "SUSE Bug 1091041",
"url": "https://bugzilla.suse.com/1091041"
},
{
"category": "self",
"summary": "SUSE Bug 1103990",
"url": "https://bugzilla.suse.com/1103990"
},
{
"category": "self",
"summary": "SUSE Bug 1103991",
"url": "https://bugzilla.suse.com/1103991"
},
{
"category": "self",
"summary": "SUSE Bug 1104353",
"url": "https://bugzilla.suse.com/1104353"
},
{
"category": "self",
"summary": "SUSE Bug 1104427",
"url": "https://bugzilla.suse.com/1104427"
},
{
"category": "self",
"summary": "SUSE Bug 1104745",
"url": "https://bugzilla.suse.com/1104745"
},
{
"category": "self",
"summary": "SUSE Bug 1108043",
"url": "https://bugzilla.suse.com/1108043"
},
{
"category": "self",
"summary": "SUSE Bug 1109837",
"url": "https://bugzilla.suse.com/1109837"
},
{
"category": "self",
"summary": "SUSE Bug 1111666",
"url": "https://bugzilla.suse.com/1111666"
},
{
"category": "self",
"summary": "SUSE Bug 1112178",
"url": "https://bugzilla.suse.com/1112178"
},
{
"category": "self",
"summary": "SUSE Bug 1112374",
"url": "https://bugzilla.suse.com/1112374"
},
{
"category": "self",
"summary": "SUSE Bug 1113722",
"url": "https://bugzilla.suse.com/1113722"
},
{
"category": "self",
"summary": "SUSE Bug 1113956",
"url": "https://bugzilla.suse.com/1113956"
},
{
"category": "self",
"summary": "SUSE Bug 1113994",
"url": "https://bugzilla.suse.com/1113994"
},
{
"category": "self",
"summary": "SUSE Bug 1114279",
"url": "https://bugzilla.suse.com/1114279"
},
{
"category": "self",
"summary": "SUSE Bug 1117169",
"url": "https://bugzilla.suse.com/1117169"
},
{
"category": "self",
"summary": "SUSE Bug 1118661",
"url": "https://bugzilla.suse.com/1118661"
},
{
"category": "self",
"summary": "SUSE Bug 1119113",
"url": "https://bugzilla.suse.com/1119113"
},
{
"category": "self",
"summary": "SUSE Bug 1120853",
"url": "https://bugzilla.suse.com/1120853"
},
{
"category": "self",
"summary": "SUSE Bug 1126390",
"url": "https://bugzilla.suse.com/1126390"
},
{
"category": "self",
"summary": "SUSE Bug 1127354",
"url": "https://bugzilla.suse.com/1127354"
},
{
"category": "self",
"summary": "SUSE Bug 1127371",
"url": "https://bugzilla.suse.com/1127371"
},
{
"category": "self",
"summary": "SUSE Bug 1129770",
"url": "https://bugzilla.suse.com/1129770"
},
{
"category": "self",
"summary": "SUSE Bug 1131107",
"url": "https://bugzilla.suse.com/1131107"
},
{
"category": "self",
"summary": "SUSE Bug 1134983",
"url": "https://bugzilla.suse.com/1134983"
},
{
"category": "self",
"summary": "SUSE Bug 1137223",
"url": "https://bugzilla.suse.com/1137223"
},
{
"category": "self",
"summary": "SUSE Bug 1137236",
"url": "https://bugzilla.suse.com/1137236"
},
{
"category": "self",
"summary": "SUSE Bug 1138039",
"url": "https://bugzilla.suse.com/1138039"
},
{
"category": "self",
"summary": "SUSE Bug 1140948",
"url": "https://bugzilla.suse.com/1140948"
},
{
"category": "self",
"summary": "SUSE Bug 1141054",
"url": "https://bugzilla.suse.com/1141054"
},
{
"category": "self",
"summary": "SUSE Bug 1142095",
"url": "https://bugzilla.suse.com/1142095"
},
{
"category": "self",
"summary": "SUSE Bug 1142635",
"url": "https://bugzilla.suse.com/1142635"
},
{
"category": "self",
"summary": "SUSE Bug 1142924",
"url": "https://bugzilla.suse.com/1142924"
},
{
"category": "self",
"summary": "SUSE Bug 1144333",
"url": "https://bugzilla.suse.com/1144333"
},
{
"category": "self",
"summary": "SUSE Bug 1146519",
"url": "https://bugzilla.suse.com/1146519"
},
{
"category": "self",
"summary": "SUSE Bug 1146544",
"url": "https://bugzilla.suse.com/1146544"
},
{
"category": "self",
"summary": "SUSE Bug 1149448",
"url": "https://bugzilla.suse.com/1149448"
},
{
"category": "self",
"summary": "SUSE Bug 1151067",
"url": "https://bugzilla.suse.com/1151067"
},
{
"category": "self",
"summary": "SUSE Bug 1151548",
"url": "https://bugzilla.suse.com/1151548"
},
{
"category": "self",
"summary": "SUSE Bug 1151900",
"url": "https://bugzilla.suse.com/1151900"
},
{
"category": "self",
"summary": "SUSE Bug 1153628",
"url": "https://bugzilla.suse.com/1153628"
},
{
"category": "self",
"summary": "SUSE Bug 1153811",
"url": "https://bugzilla.suse.com/1153811"
},
{
"category": "self",
"summary": "SUSE Bug 1154043",
"url": "https://bugzilla.suse.com/1154043"
},
{
"category": "self",
"summary": "SUSE Bug 1154058",
"url": "https://bugzilla.suse.com/1154058"
},
{
"category": "self",
"summary": "SUSE Bug 1154355",
"url": "https://bugzilla.suse.com/1154355"
},
{
"category": "self",
"summary": "SUSE Bug 1154601",
"url": "https://bugzilla.suse.com/1154601"
},
{
"category": "self",
"summary": "SUSE Bug 1155689",
"url": "https://bugzilla.suse.com/1155689"
},
{
"category": "self",
"summary": "SUSE Bug 1155897",
"url": "https://bugzilla.suse.com/1155897"
},
{
"category": "self",
"summary": "SUSE Bug 1155921",
"url": "https://bugzilla.suse.com/1155921"
},
{
"category": "self",
"summary": "SUSE Bug 1156258",
"url": "https://bugzilla.suse.com/1156258"
},
{
"category": "self",
"summary": "SUSE Bug 1156466",
"url": "https://bugzilla.suse.com/1156466"
},
{
"category": "self",
"summary": "SUSE Bug 1156471",
"url": "https://bugzilla.suse.com/1156471"
},
{
"category": "self",
"summary": "SUSE Bug 1156494",
"url": "https://bugzilla.suse.com/1156494"
},
{
"category": "self",
"summary": "SUSE Bug 1156609",
"url": "https://bugzilla.suse.com/1156609"
},
{
"category": "self",
"summary": "SUSE Bug 1156700",
"url": "https://bugzilla.suse.com/1156700"
},
{
"category": "self",
"summary": "SUSE Bug 1156729",
"url": "https://bugzilla.suse.com/1156729"
},
{
"category": "self",
"summary": "SUSE Bug 1156882",
"url": "https://bugzilla.suse.com/1156882"
},
{
"category": "self",
"summary": "SUSE Bug 1156928",
"url": "https://bugzilla.suse.com/1156928"
},
{
"category": "self",
"summary": "SUSE Bug 1157032",
"url": "https://bugzilla.suse.com/1157032"
},
{
"category": "self",
"summary": "SUSE Bug 1157038",
"url": "https://bugzilla.suse.com/1157038"
},
{
"category": "self",
"summary": "SUSE Bug 1157042",
"url": "https://bugzilla.suse.com/1157042"
},
{
"category": "self",
"summary": "SUSE Bug 1157044",
"url": "https://bugzilla.suse.com/1157044"
},
{
"category": "self",
"summary": "SUSE Bug 1157045",
"url": "https://bugzilla.suse.com/1157045"
},
{
"category": "self",
"summary": "SUSE Bug 1157046",
"url": "https://bugzilla.suse.com/1157046"
},
{
"category": "self",
"summary": "SUSE Bug 1157049",
"url": "https://bugzilla.suse.com/1157049"
},
{
"category": "self",
"summary": "SUSE Bug 1157070",
"url": "https://bugzilla.suse.com/1157070"
},
{
"category": "self",
"summary": "SUSE Bug 1157115",
"url": "https://bugzilla.suse.com/1157115"
},
{
"category": "self",
"summary": "SUSE Bug 1157143",
"url": "https://bugzilla.suse.com/1157143"
},
{
"category": "self",
"summary": "SUSE Bug 1157145",
"url": "https://bugzilla.suse.com/1157145"
},
{
"category": "self",
"summary": "SUSE Bug 1157158",
"url": "https://bugzilla.suse.com/1157158"
},
{
"category": "self",
"summary": "SUSE Bug 1157160",
"url": "https://bugzilla.suse.com/1157160"
},
{
"category": "self",
"summary": "SUSE Bug 1157162",
"url": "https://bugzilla.suse.com/1157162"
},
{
"category": "self",
"summary": "SUSE Bug 1157171",
"url": "https://bugzilla.suse.com/1157171"
},
{
"category": "self",
"summary": "SUSE Bug 1157173",
"url": "https://bugzilla.suse.com/1157173"
},
{
"category": "self",
"summary": "SUSE Bug 1157178",
"url": "https://bugzilla.suse.com/1157178"
},
{
"category": "self",
"summary": "SUSE Bug 1157180",
"url": "https://bugzilla.suse.com/1157180"
},
{
"category": "self",
"summary": "SUSE Bug 1157182",
"url": "https://bugzilla.suse.com/1157182"
},
{
"category": "self",
"summary": "SUSE Bug 1157183",
"url": "https://bugzilla.suse.com/1157183"
},
{
"category": "self",
"summary": "SUSE Bug 1157184",
"url": "https://bugzilla.suse.com/1157184"
},
{
"category": "self",
"summary": "SUSE Bug 1157191",
"url": "https://bugzilla.suse.com/1157191"
},
{
"category": "self",
"summary": "SUSE Bug 1157193",
"url": "https://bugzilla.suse.com/1157193"
},
{
"category": "self",
"summary": "SUSE Bug 1157197",
"url": "https://bugzilla.suse.com/1157197"
},
{
"category": "self",
"summary": "SUSE Bug 1157298",
"url": "https://bugzilla.suse.com/1157298"
},
{
"category": "self",
"summary": "SUSE Bug 1157304",
"url": "https://bugzilla.suse.com/1157304"
},
{
"category": "self",
"summary": "SUSE Bug 1157307",
"url": "https://bugzilla.suse.com/1157307"
},
{
"category": "self",
"summary": "SUSE Bug 1157324",
"url": "https://bugzilla.suse.com/1157324"
},
{
"category": "self",
"summary": "SUSE Bug 1157333",
"url": "https://bugzilla.suse.com/1157333"
},
{
"category": "self",
"summary": "SUSE Bug 1157386",
"url": "https://bugzilla.suse.com/1157386"
},
{
"category": "self",
"summary": "SUSE Bug 1157424",
"url": "https://bugzilla.suse.com/1157424"
},
{
"category": "self",
"summary": "SUSE Bug 1157463",
"url": "https://bugzilla.suse.com/1157463"
},
{
"category": "self",
"summary": "SUSE Bug 1157499",
"url": "https://bugzilla.suse.com/1157499"
},
{
"category": "self",
"summary": "SUSE Bug 1157678",
"url": "https://bugzilla.suse.com/1157678"
},
{
"category": "self",
"summary": "SUSE Bug 1157698",
"url": "https://bugzilla.suse.com/1157698"
},
{
"category": "self",
"summary": "SUSE Bug 1157778",
"url": "https://bugzilla.suse.com/1157778"
},
{
"category": "self",
"summary": "SUSE Bug 1157908",
"url": "https://bugzilla.suse.com/1157908"
},
{
"category": "self",
"summary": "SUSE Bug 1158049",
"url": "https://bugzilla.suse.com/1158049"
},
{
"category": "self",
"summary": "SUSE Bug 1158063",
"url": "https://bugzilla.suse.com/1158063"
},
{
"category": "self",
"summary": "SUSE Bug 1158064",
"url": "https://bugzilla.suse.com/1158064"
},
{
"category": "self",
"summary": "SUSE Bug 1158065",
"url": "https://bugzilla.suse.com/1158065"
},
{
"category": "self",
"summary": "SUSE Bug 1158066",
"url": "https://bugzilla.suse.com/1158066"
},
{
"category": "self",
"summary": "SUSE Bug 1158067",
"url": "https://bugzilla.suse.com/1158067"
},
{
"category": "self",
"summary": "SUSE Bug 1158068",
"url": "https://bugzilla.suse.com/1158068"
},
{
"category": "self",
"summary": "SUSE Bug 1158071",
"url": "https://bugzilla.suse.com/1158071"
},
{
"category": "self",
"summary": "SUSE Bug 1158082",
"url": "https://bugzilla.suse.com/1158082"
},
{
"category": "self",
"summary": "SUSE Bug 1158381",
"url": "https://bugzilla.suse.com/1158381"
},
{
"category": "self",
"summary": "SUSE Bug 1158394",
"url": "https://bugzilla.suse.com/1158394"
},
{
"category": "self",
"summary": "SUSE Bug 1158398",
"url": "https://bugzilla.suse.com/1158398"
},
{
"category": "self",
"summary": "SUSE Bug 1158407",
"url": "https://bugzilla.suse.com/1158407"
},
{
"category": "self",
"summary": "SUSE Bug 1158410",
"url": "https://bugzilla.suse.com/1158410"
},
{
"category": "self",
"summary": "SUSE Bug 1158413",
"url": "https://bugzilla.suse.com/1158413"
},
{
"category": "self",
"summary": "SUSE Bug 1158417",
"url": "https://bugzilla.suse.com/1158417"
},
{
"category": "self",
"summary": "SUSE Bug 1158427",
"url": "https://bugzilla.suse.com/1158427"
},
{
"category": "self",
"summary": "SUSE Bug 1158445",
"url": "https://bugzilla.suse.com/1158445"
},
{
"category": "self",
"summary": "SUSE Bug 1158637",
"url": "https://bugzilla.suse.com/1158637"
},
{
"category": "self",
"summary": "SUSE Bug 1158638",
"url": "https://bugzilla.suse.com/1158638"
},
{
"category": "self",
"summary": "SUSE Bug 1158639",
"url": "https://bugzilla.suse.com/1158639"
},
{
"category": "self",
"summary": "SUSE Bug 1158640",
"url": "https://bugzilla.suse.com/1158640"
},
{
"category": "self",
"summary": "SUSE Bug 1158641",
"url": "https://bugzilla.suse.com/1158641"
},
{
"category": "self",
"summary": "SUSE Bug 1158643",
"url": "https://bugzilla.suse.com/1158643"
},
{
"category": "self",
"summary": "SUSE Bug 1158644",
"url": "https://bugzilla.suse.com/1158644"
},
{
"category": "self",
"summary": "SUSE Bug 1158645",
"url": "https://bugzilla.suse.com/1158645"
},
{
"category": "self",
"summary": "SUSE Bug 1158646",
"url": "https://bugzilla.suse.com/1158646"
},
{
"category": "self",
"summary": "SUSE Bug 1158647",
"url": "https://bugzilla.suse.com/1158647"
},
{
"category": "self",
"summary": "SUSE Bug 1158649",
"url": "https://bugzilla.suse.com/1158649"
},
{
"category": "self",
"summary": "SUSE Bug 1158651",
"url": "https://bugzilla.suse.com/1158651"
},
{
"category": "self",
"summary": "SUSE Bug 1158652",
"url": "https://bugzilla.suse.com/1158652"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-14895 page",
"url": "https://www.suse.com/security/cve/CVE-2019-14895/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-14901 page",
"url": "https://www.suse.com/security/cve/CVE-2019-14901/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-15213 page",
"url": "https://www.suse.com/security/cve/CVE-2019-15213/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-15916 page",
"url": "https://www.suse.com/security/cve/CVE-2019-15916/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-18660 page",
"url": "https://www.suse.com/security/cve/CVE-2019-18660/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-18683 page",
"url": "https://www.suse.com/security/cve/CVE-2019-18683/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-18809 page",
"url": "https://www.suse.com/security/cve/CVE-2019-18809/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19046 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19046/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19049 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19049/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19052 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19052/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19056 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19056/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19057 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19057/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19058 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19058/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19060 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19060/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19062 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19062/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19063 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19065 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19065/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19067 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19067/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19068 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19068/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19073 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19073/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19074 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19074/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19075 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19075/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19077 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19077/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19078 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19078/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19080 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19080/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19081 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19081/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19082 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19082/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19083 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19227 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19227/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19524 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19524/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19525 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19525/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19528 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19528/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19529 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19529/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19530 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19530/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19531 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19531/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19534 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19534/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19536 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19536/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19543 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19543/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2019-12-12T09:15:03Z",
"generator": {
"date": "2019-12-12T09:15:03Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2019:2675-1",
"initial_release_date": "2019-12-12T09:15:03Z",
"revision_history": [
{
"date": "2019-12-12T09:15:03Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-4.12.14-lp151.28.36.1.noarch",
"product": {
"name": "kernel-devel-4.12.14-lp151.28.36.1.noarch",
"product_id": "kernel-devel-4.12.14-lp151.28.36.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-4.12.14-lp151.28.36.1.noarch",
"product": {
"name": "kernel-docs-4.12.14-lp151.28.36.1.noarch",
"product_id": "kernel-docs-4.12.14-lp151.28.36.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"product": {
"name": "kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"product_id": "kernel-docs-html-4.12.14-lp151.28.36.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-4.12.14-lp151.28.36.1.noarch",
"product": {
"name": "kernel-macros-4.12.14-lp151.28.36.1.noarch",
"product_id": "kernel-macros-4.12.14-lp151.28.36.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-4.12.14-lp151.28.36.1.noarch",
"product": {
"name": "kernel-source-4.12.14-lp151.28.36.1.noarch",
"product_id": "kernel-source-4.12.14-lp151.28.36.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"product": {
"name": "kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"product_id": "kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"product": {
"name": "kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"product_id": "kernel-debug-4.12.14-lp151.28.36.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"product": {
"name": "kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"product_id": "kernel-debug-base-4.12.14-lp151.28.36.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"product": {
"name": "kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"product_id": "kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-lp151.28.36.1.x86_64",
"product": {
"name": "kernel-default-4.12.14-lp151.28.36.1.x86_64",
"product_id": "kernel-default-4.12.14-lp151.28.36.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"product": {
"name": "kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"product_id": "kernel-default-base-4.12.14-lp151.28.36.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"product": {
"name": "kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"product_id": "kernel-default-devel-4.12.14-lp151.28.36.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"product": {
"name": "kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"product_id": "kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"product": {
"name": "kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"product_id": "kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"product": {
"name": "kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"product_id": "kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"product": {
"name": "kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"product_id": "kernel-obs-build-4.12.14-lp151.28.36.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"product": {
"name": "kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"product_id": "kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"product": {
"name": "kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"product_id": "kernel-syms-4.12.14-lp151.28.36.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"product": {
"name": "kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"product_id": "kernel-vanilla-4.12.14-lp151.28.36.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"product": {
"name": "kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"product_id": "kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64",
"product": {
"name": "kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64",
"product_id": "kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.1",
"product": {
"name": "openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-4.12.14-lp151.28.36.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64"
},
"product_reference": "kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-base-4.12.14-lp151.28.36.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64"
},
"product_reference": "kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64"
},
"product_reference": "kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-lp151.28.36.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64"
},
"product_reference": "kernel-default-4.12.14-lp151.28.36.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-lp151.28.36.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64"
},
"product_reference": "kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-lp151.28.36.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64"
},
"product_reference": "kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.12.14-lp151.28.36.1.noarch as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch"
},
"product_reference": "kernel-devel-4.12.14-lp151.28.36.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-4.12.14-lp151.28.36.1.noarch as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch"
},
"product_reference": "kernel-docs-4.12.14-lp151.28.36.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-html-4.12.14-lp151.28.36.1.noarch as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch"
},
"product_reference": "kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64"
},
"product_reference": "kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64"
},
"product_reference": "kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64"
},
"product_reference": "kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.12.14-lp151.28.36.1.noarch as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch"
},
"product_reference": "kernel-macros-4.12.14-lp151.28.36.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.12.14-lp151.28.36.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64"
},
"product_reference": "kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64"
},
"product_reference": "kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.12.14-lp151.28.36.1.noarch as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch"
},
"product_reference": "kernel-source-4.12.14-lp151.28.36.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch"
},
"product_reference": "kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-lp151.28.36.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64"
},
"product_reference": "kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-vanilla-4.12.14-lp151.28.36.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64"
},
"product_reference": "kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64"
},
"product_reference": "kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
},
"product_reference": "kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-14895",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-14895"
}
],
"notes": [
{
"category": "general",
"text": "A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The flaw could occur when the station attempts a connection negotiation during the handling of the remote devices country settings. This could allow the remote device to cause a denial of service (system crash) or possibly execute arbitrary code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-14895",
"url": "https://www.suse.com/security/cve/CVE-2019-14895"
},
{
"category": "external",
"summary": "SUSE Bug 1157042 for CVE-2019-14895",
"url": "https://bugzilla.suse.com/1157042"
},
{
"category": "external",
"summary": "SUSE Bug 1157158 for CVE-2019-14895",
"url": "https://bugzilla.suse.com/1157158"
},
{
"category": "external",
"summary": "SUSE Bug 1173100 for CVE-2019-14895",
"url": "https://bugzilla.suse.com/1173100"
},
{
"category": "external",
"summary": "SUSE Bug 1173660 for CVE-2019-14895",
"url": "https://bugzilla.suse.com/1173660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T09:15:03Z",
"details": "important"
}
],
"title": "CVE-2019-14895"
},
{
"cve": "CVE-2019-14901",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-14901"
}
],
"notes": [
{
"category": "general",
"text": "A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The vulnerability allows a remote attacker to cause a system crash, resulting in a denial of service, or execute arbitrary code. The highest threat with this vulnerability is with the availability of the system. If code execution occurs, the code will run with the permissions of root. This will affect both confidentiality and integrity of files on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-14901",
"url": "https://www.suse.com/security/cve/CVE-2019-14901"
},
{
"category": "external",
"summary": "SUSE Bug 1157042 for CVE-2019-14901",
"url": "https://bugzilla.suse.com/1157042"
},
{
"category": "external",
"summary": "SUSE Bug 1173661 for CVE-2019-14901",
"url": "https://bugzilla.suse.com/1173661"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T09:15:03Z",
"details": "important"
}
],
"title": "CVE-2019-14901"
},
{
"cve": "CVE-2019-15213",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-15213"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-15213",
"url": "https://www.suse.com/security/cve/CVE-2019-15213"
},
{
"category": "external",
"summary": "SUSE Bug 1146519 for CVE-2019-15213",
"url": "https://bugzilla.suse.com/1146519"
},
{
"category": "external",
"summary": "SUSE Bug 1146544 for CVE-2019-15213",
"url": "https://bugzilla.suse.com/1146544"
},
{
"category": "external",
"summary": "SUSE Bug 1158381 for CVE-2019-15213",
"url": "https://bugzilla.suse.com/1158381"
},
{
"category": "external",
"summary": "SUSE Bug 1158834 for CVE-2019-15213",
"url": "https://bugzilla.suse.com/1158834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T09:15:03Z",
"details": "moderate"
}
],
"title": "CVE-2019-15213"
},
{
"cve": "CVE-2019-15916",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-15916"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 5.0.1. There is a memory leak in register_queue_kobjects() in net/core/net-sysfs.c, which will cause denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-15916",
"url": "https://www.suse.com/security/cve/CVE-2019-15916"
},
{
"category": "external",
"summary": "SUSE Bug 1149448 for CVE-2019-15916",
"url": "https://bugzilla.suse.com/1149448"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T09:15:03Z",
"details": "low"
}
],
"title": "CVE-2019-15916"
},
{
"cve": "CVE-2019-18660",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-18660"
}
],
"notes": [
{
"category": "general",
"text": "The Linux kernel before 5.4.1 on powerpc allows Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs, aka CID-39e72bf96f58. This is related to arch/powerpc/kernel/entry_64.S and arch/powerpc/kernel/security.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-18660",
"url": "https://www.suse.com/security/cve/CVE-2019-18660"
},
{
"category": "external",
"summary": "SUSE Bug 1157038 for CVE-2019-18660",
"url": "https://bugzilla.suse.com/1157038"
},
{
"category": "external",
"summary": "SUSE Bug 1157923 for CVE-2019-18660",
"url": "https://bugzilla.suse.com/1157923"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T09:15:03Z",
"details": "moderate"
}
],
"title": "CVE-2019-18660"
},
{
"cve": "CVE-2019-18683",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-18683"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. It is exploitable for privilege escalation on some Linux distributions where local users have /dev/video0 access, but only if the driver happens to be loaded. There are multiple race conditions during streaming stopping in this driver (part of the V4L2 subsystem). These issues are caused by wrong mutex locking in vivid_stop_generating_vid_cap(), vivid_stop_generating_vid_out(), sdr_cap_stop_streaming(), and the corresponding kthreads. At least one of these race conditions leads to a use-after-free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-18683",
"url": "https://www.suse.com/security/cve/CVE-2019-18683"
},
{
"category": "external",
"summary": "SUSE Bug 1155897 for CVE-2019-18683",
"url": "https://bugzilla.suse.com/1155897"
},
{
"category": "external",
"summary": "SUSE Bug 1173868 for CVE-2019-18683",
"url": "https://bugzilla.suse.com/1173868"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T09:15:03Z",
"details": "important"
}
],
"title": "CVE-2019-18683"
},
{
"cve": "CVE-2019-18809",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-18809"
}
],
"notes": [
{
"category": "general",
"text": "A memory leak in the af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-2289adbfa559.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-18809",
"url": "https://www.suse.com/security/cve/CVE-2019-18809"
},
{
"category": "external",
"summary": "SUSE Bug 1156258 for CVE-2019-18809",
"url": "https://bugzilla.suse.com/1156258"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T09:15:03Z",
"details": "moderate"
}
],
"title": "CVE-2019-18809"
},
{
"cve": "CVE-2019-19046",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19046"
}
],
"notes": [
{
"category": "general",
"text": "A memory leak in the __ipmi_bmc_register() function in drivers/char/ipmi/ipmi_msghandler.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering ida_simple_get() failure, aka CID-4aa7afb0ee20. NOTE: third parties dispute the relevance of this because an attacker cannot realistically control this failure at probe time",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19046",
"url": "https://www.suse.com/security/cve/CVE-2019-19046"
},
{
"category": "external",
"summary": "SUSE Bug 1157304 for CVE-2019-19046",
"url": "https://bugzilla.suse.com/1157304"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T09:15:03Z",
"details": "moderate"
}
],
"title": "CVE-2019-19046"
},
{
"cve": "CVE-2019-19049",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19049"
}
],
"notes": [
{
"category": "general",
"text": "A memory leak in the unittest_data_add() function in drivers/of/unittest.c in the Linux kernel before 5.3.10 allows attackers to cause a denial of service (memory consumption) by triggering of_fdt_unflatten_tree() failures, aka CID-e13de8fe0d6a. NOTE: third parties dispute the relevance of this because unittest.c can only be reached during boot",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19049",
"url": "https://www.suse.com/security/cve/CVE-2019-19049"
},
{
"category": "external",
"summary": "SUSE Bug 1157173 for CVE-2019-19049",
"url": "https://bugzilla.suse.com/1157173"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 1.6,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T09:15:03Z",
"details": "moderate"
}
],
"title": "CVE-2019-19049"
},
{
"cve": "CVE-2019-19052",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19052"
}
],
"notes": [
{
"category": "general",
"text": "A memory leak in the gs_can_open() function in drivers/net/can/usb/gs_usb.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-fb5be6a7b486.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19052",
"url": "https://www.suse.com/security/cve/CVE-2019-19052"
},
{
"category": "external",
"summary": "SUSE Bug 1157324 for CVE-2019-19052",
"url": "https://bugzilla.suse.com/1157324"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T09:15:03Z",
"details": "moderate"
}
],
"title": "CVE-2019-19052"
},
{
"cve": "CVE-2019-19056",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19056"
}
],
"notes": [
{
"category": "general",
"text": "A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-db8fd2cde932.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19056",
"url": "https://www.suse.com/security/cve/CVE-2019-19056"
},
{
"category": "external",
"summary": "SUSE Bug 1157197 for CVE-2019-19056",
"url": "https://bugzilla.suse.com/1157197"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T09:15:03Z",
"details": "moderate"
}
],
"title": "CVE-2019-19056"
},
{
"cve": "CVE-2019-19057",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19057"
}
],
"notes": [
{
"category": "general",
"text": "Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-d10dcb615c8e.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19057",
"url": "https://www.suse.com/security/cve/CVE-2019-19057"
},
{
"category": "external",
"summary": "SUSE Bug 1157193 for CVE-2019-19057",
"url": "https://bugzilla.suse.com/1157193"
},
{
"category": "external",
"summary": "SUSE Bug 1157197 for CVE-2019-19057",
"url": "https://bugzilla.suse.com/1157197"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T09:15:03Z",
"details": "moderate"
}
],
"title": "CVE-2019-19057"
},
{
"cve": "CVE-2019-19058",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19058"
}
],
"notes": [
{
"category": "general",
"text": "A memory leak in the alloc_sgtable() function in drivers/net/wireless/intel/iwlwifi/fw/dbg.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering alloc_page() failures, aka CID-b4b814fec1a5.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19058",
"url": "https://www.suse.com/security/cve/CVE-2019-19058"
},
{
"category": "external",
"summary": "SUSE Bug 1157145 for CVE-2019-19058",
"url": "https://bugzilla.suse.com/1157145"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T09:15:03Z",
"details": "moderate"
}
],
"title": "CVE-2019-19058"
},
{
"cve": "CVE-2019-19060",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19060"
}
],
"notes": [
{
"category": "general",
"text": "A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-ab612b1daf41.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19060",
"url": "https://www.suse.com/security/cve/CVE-2019-19060"
},
{
"category": "external",
"summary": "SUSE Bug 1157178 for CVE-2019-19060",
"url": "https://bugzilla.suse.com/1157178"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T09:15:03Z",
"details": "moderate"
}
],
"title": "CVE-2019-19060"
},
{
"cve": "CVE-2019-19062",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19062"
}
],
"notes": [
{
"category": "general",
"text": "A memory leak in the crypto_report() function in crypto/crypto_user_base.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_report_alg() failures, aka CID-ffdde5932042.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19062",
"url": "https://www.suse.com/security/cve/CVE-2019-19062"
},
{
"category": "external",
"summary": "SUSE Bug 1157333 for CVE-2019-19062",
"url": "https://bugzilla.suse.com/1157333"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T09:15:03Z",
"details": "moderate"
}
],
"title": "CVE-2019-19062"
},
{
"cve": "CVE-2019-19063",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19063"
}
],
"notes": [
{
"category": "general",
"text": "Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption), aka CID-3f9361695113.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19063",
"url": "https://www.suse.com/security/cve/CVE-2019-19063"
},
{
"category": "external",
"summary": "SUSE Bug 1157298 for CVE-2019-19063",
"url": "https://bugzilla.suse.com/1157298"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T09:15:03Z",
"details": "moderate"
}
],
"title": "CVE-2019-19063"
},
{
"cve": "CVE-2019-19065",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19065"
}
],
"notes": [
{
"category": "general",
"text": "A memory leak in the sdma_init() function in drivers/infiniband/hw/hfi1/sdma.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering rhashtable_init() failures, aka CID-34b3be18a04e. NOTE: This has been disputed as not a vulnerability because \"rhashtable_init() can only fail if it is passed invalid values in the second parameter\u0027s struct, but when invoked from sdma_init() that is a pointer to a static const struct, so an attacker could only trigger failure if they could corrupt kernel memory (in which case a small memory leak is not a significant problem).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19065",
"url": "https://www.suse.com/security/cve/CVE-2019-19065"
},
{
"category": "external",
"summary": "SUSE Bug 1157191 for CVE-2019-19065",
"url": "https://bugzilla.suse.com/1157191"
},
{
"category": "external",
"summary": "SUSE Bug 1173961 for CVE-2019-19065",
"url": "https://bugzilla.suse.com/1173961"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T09:15:03Z",
"details": "important"
}
],
"title": "CVE-2019-19065"
},
{
"cve": "CVE-2019-19067",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19067"
}
],
"notes": [
{
"category": "general",
"text": "Four memory leaks in the acp_hw_init() function in drivers/gpu/drm/amd/amdgpu/amdgpu_acp.c in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption) by triggering mfd_add_hotplug_devices() or pm_genpd_add_device() failures, aka CID-57be09c6e874. NOTE: third parties dispute the relevance of this because the attacker must already have privileges for module loading",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19067",
"url": "https://www.suse.com/security/cve/CVE-2019-19067"
},
{
"category": "external",
"summary": "SUSE Bug 1157180 for CVE-2019-19067",
"url": "https://bugzilla.suse.com/1157180"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T09:15:03Z",
"details": "moderate"
}
],
"title": "CVE-2019-19067"
},
{
"cve": "CVE-2019-19068",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19068"
}
],
"notes": [
{
"category": "general",
"text": "A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-a2cdd07488e6.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19068",
"url": "https://www.suse.com/security/cve/CVE-2019-19068"
},
{
"category": "external",
"summary": "SUSE Bug 1157307 for CVE-2019-19068",
"url": "https://bugzilla.suse.com/1157307"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T09:15:03Z",
"details": "moderate"
}
],
"title": "CVE-2019-19068"
},
{
"cve": "CVE-2019-19073",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19073"
}
],
"notes": [
{
"category": "general",
"text": "Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering wait_for_completion_timeout() failures. This affects the htc_config_pipe_credits() function, the htc_setup_complete() function, and the htc_connect_service() function, aka CID-853acf7caf10.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19073",
"url": "https://www.suse.com/security/cve/CVE-2019-19073"
},
{
"category": "external",
"summary": "SUSE Bug 1157070 for CVE-2019-19073",
"url": "https://bugzilla.suse.com/1157070"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T09:15:03Z",
"details": "moderate"
}
],
"title": "CVE-2019-19073"
},
{
"cve": "CVE-2019-19074",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19074"
}
],
"notes": [
{
"category": "general",
"text": "A memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ath/ath9k/wmi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-728c1e2a05e4.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19074",
"url": "https://www.suse.com/security/cve/CVE-2019-19074"
},
{
"category": "external",
"summary": "SUSE Bug 1157143 for CVE-2019-19074",
"url": "https://bugzilla.suse.com/1157143"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T09:15:03Z",
"details": "moderate"
}
],
"title": "CVE-2019-19074"
},
{
"cve": "CVE-2019-19075",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19075"
}
],
"notes": [
{
"category": "general",
"text": "A memory leak in the ca8210_probe() function in drivers/net/ieee802154/ca8210.c in the Linux kernel before 5.3.8 allows attackers to cause a denial of service (memory consumption) by triggering ca8210_get_platform_data() failures, aka CID-6402939ec86e.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19075",
"url": "https://www.suse.com/security/cve/CVE-2019-19075"
},
{
"category": "external",
"summary": "SUSE Bug 1157162 for CVE-2019-19075",
"url": "https://bugzilla.suse.com/1157162"
},
{
"category": "external",
"summary": "SUSE Bug 1173958 for CVE-2019-19075",
"url": "https://bugzilla.suse.com/1173958"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T09:15:03Z",
"details": "low"
}
],
"title": "CVE-2019-19075"
},
{
"cve": "CVE-2019-19077",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19077"
}
],
"notes": [
{
"category": "general",
"text": "A memory leak in the bnxt_re_create_srq() function in drivers/infiniband/hw/bnxt_re/ib_verbs.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering copy to udata failures, aka CID-4a9d46a9fe14.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19077",
"url": "https://www.suse.com/security/cve/CVE-2019-19077"
},
{
"category": "external",
"summary": "SUSE Bug 1157171 for CVE-2019-19077",
"url": "https://bugzilla.suse.com/1157171"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T09:15:03Z",
"details": "moderate"
}
],
"title": "CVE-2019-19077"
},
{
"cve": "CVE-2019-19078",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19078"
}
],
"notes": [
{
"category": "general",
"text": "A memory leak in the ath10k_usb_hif_tx_sg() function in drivers/net/wireless/ath/ath10k/usb.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-b8d17e7d93d2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19078",
"url": "https://www.suse.com/security/cve/CVE-2019-19078"
},
{
"category": "external",
"summary": "SUSE Bug 1157032 for CVE-2019-19078",
"url": "https://bugzilla.suse.com/1157032"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T09:15:03Z",
"details": "moderate"
}
],
"title": "CVE-2019-19078"
},
{
"cve": "CVE-2019-19080",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19080"
}
],
"notes": [
{
"category": "general",
"text": "Four memory leaks in the nfp_flower_spawn_phy_reprs() function in drivers/net/ethernet/netronome/nfp/flower/main.c in the Linux kernel before 5.3.4 allow attackers to cause a denial of service (memory consumption), aka CID-8572cea1461a.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19080",
"url": "https://www.suse.com/security/cve/CVE-2019-19080"
},
{
"category": "external",
"summary": "SUSE Bug 1157044 for CVE-2019-19080",
"url": "https://bugzilla.suse.com/1157044"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T09:15:03Z",
"details": "moderate"
}
],
"title": "CVE-2019-19080"
},
{
"cve": "CVE-2019-19081",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19081"
}
],
"notes": [
{
"category": "general",
"text": "A memory leak in the nfp_flower_spawn_vnic_reprs() function in drivers/net/ethernet/netronome/nfp/flower/main.c in the Linux kernel before 5.3.4 allows attackers to cause a denial of service (memory consumption), aka CID-8ce39eb5a67a.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19081",
"url": "https://www.suse.com/security/cve/CVE-2019-19081"
},
{
"category": "external",
"summary": "SUSE Bug 1157045 for CVE-2019-19081",
"url": "https://bugzilla.suse.com/1157045"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T09:15:03Z",
"details": "moderate"
}
],
"title": "CVE-2019-19081"
},
{
"cve": "CVE-2019-19082",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19082"
}
],
"notes": [
{
"category": "general",
"text": "Memory leaks in *create_resource_pool() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption). This affects the dce120_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce120/dce120_resource.c, the dce110_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce110/dce110_resource.c, the dce100_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce100/dce100_resource.c, the dcn10_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dcn10/dcn10_resource.c, and the dce112_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce112/dce112_resource.c, aka CID-104c307147ad.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19082",
"url": "https://www.suse.com/security/cve/CVE-2019-19082"
},
{
"category": "external",
"summary": "SUSE Bug 1157046 for CVE-2019-19082",
"url": "https://bugzilla.suse.com/1157046"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T09:15:03Z",
"details": "moderate"
}
],
"title": "CVE-2019-19082"
},
{
"cve": "CVE-2019-19083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19083"
}
],
"notes": [
{
"category": "general",
"text": "Memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption). This affects the dce112_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce112/dce112_resource.c, the dce100_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce100/dce100_resource.c, the dcn10_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dcn10/dcn10_resource.c, the dcn20_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dcn20/dcn20_resource.c, the dce120_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce120/dce120_resource.c, the dce110_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce110/dce110_resource.c, and the dce80_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce80/dce80_resource.c, aka CID-055e547478a1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19083",
"url": "https://www.suse.com/security/cve/CVE-2019-19083"
},
{
"category": "external",
"summary": "SUSE Bug 1157049 for CVE-2019-19083",
"url": "https://bugzilla.suse.com/1157049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T09:15:03Z",
"details": "moderate"
}
],
"title": "CVE-2019-19083"
},
{
"cve": "CVE-2019-19227",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19227"
}
],
"notes": [
{
"category": "general",
"text": "In the AppleTalk subsystem in the Linux kernel before 5.1, there is a potential NULL pointer dereference because register_snap_client may return NULL. This will lead to denial of service in net/appletalk/aarp.c and net/appletalk/ddp.c, as demonstrated by unregister_snap_client, aka CID-9804501fa122.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19227",
"url": "https://www.suse.com/security/cve/CVE-2019-19227"
},
{
"category": "external",
"summary": "SUSE Bug 1157678 for CVE-2019-19227",
"url": "https://bugzilla.suse.com/1157678"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T09:15:03Z",
"details": "moderate"
}
],
"title": "CVE-2019-19227"
},
{
"cve": "CVE-2019-19524",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19524"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 5.3.12, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/input/ff-memless.c driver, aka CID-fa3a5a1880c9.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19524",
"url": "https://www.suse.com/security/cve/CVE-2019-19524"
},
{
"category": "external",
"summary": "SUSE Bug 1158381 for CVE-2019-19524",
"url": "https://bugzilla.suse.com/1158381"
},
{
"category": "external",
"summary": "SUSE Bug 1158413 for CVE-2019-19524",
"url": "https://bugzilla.suse.com/1158413"
},
{
"category": "external",
"summary": "SUSE Bug 1158834 for CVE-2019-19524",
"url": "https://bugzilla.suse.com/1158834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.4,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T09:15:03Z",
"details": "low"
}
],
"title": "CVE-2019-19524"
},
{
"cve": "CVE-2019-19525",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19525"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 5.3.6, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/ieee802154/atusb.c driver, aka CID-7fd25e6fc035.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19525",
"url": "https://www.suse.com/security/cve/CVE-2019-19525"
},
{
"category": "external",
"summary": "SUSE Bug 1158381 for CVE-2019-19525",
"url": "https://bugzilla.suse.com/1158381"
},
{
"category": "external",
"summary": "SUSE Bug 1158417 for CVE-2019-19525",
"url": "https://bugzilla.suse.com/1158417"
},
{
"category": "external",
"summary": "SUSE Bug 1158834 for CVE-2019-19525",
"url": "https://bugzilla.suse.com/1158834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T09:15:03Z",
"details": "moderate"
}
],
"title": "CVE-2019-19525"
},
{
"cve": "CVE-2019-19528",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19528"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/iowarrior.c driver, aka CID-edc4746f253d.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19528",
"url": "https://www.suse.com/security/cve/CVE-2019-19528"
},
{
"category": "external",
"summary": "SUSE Bug 1158381 for CVE-2019-19528",
"url": "https://bugzilla.suse.com/1158381"
},
{
"category": "external",
"summary": "SUSE Bug 1158407 for CVE-2019-19528",
"url": "https://bugzilla.suse.com/1158407"
},
{
"category": "external",
"summary": "SUSE Bug 1158834 for CVE-2019-19528",
"url": "https://bugzilla.suse.com/1158834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T09:15:03Z",
"details": "moderate"
}
],
"title": "CVE-2019-19528"
},
{
"cve": "CVE-2019-19529",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19529"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 5.3.11, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcba_usb.c driver, aka CID-4d6636498c41.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19529",
"url": "https://www.suse.com/security/cve/CVE-2019-19529"
},
{
"category": "external",
"summary": "SUSE Bug 1158381 for CVE-2019-19529",
"url": "https://bugzilla.suse.com/1158381"
},
{
"category": "external",
"summary": "SUSE Bug 1158834 for CVE-2019-19529",
"url": "https://bugzilla.suse.com/1158834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T09:15:03Z",
"details": "moderate"
}
],
"title": "CVE-2019-19529"
},
{
"cve": "CVE-2019-19530",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19530"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/class/cdc-acm.c driver, aka CID-c52873e5a1ef.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19530",
"url": "https://www.suse.com/security/cve/CVE-2019-19530"
},
{
"category": "external",
"summary": "SUSE Bug 1158381 for CVE-2019-19530",
"url": "https://bugzilla.suse.com/1158381"
},
{
"category": "external",
"summary": "SUSE Bug 1158410 for CVE-2019-19530",
"url": "https://bugzilla.suse.com/1158410"
},
{
"category": "external",
"summary": "SUSE Bug 1158834 for CVE-2019-19530",
"url": "https://bugzilla.suse.com/1158834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T09:15:03Z",
"details": "moderate"
}
],
"title": "CVE-2019-19530"
},
{
"cve": "CVE-2019-19531",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19531"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 5.2.9, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/yurex.c driver, aka CID-fc05481b2fca.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19531",
"url": "https://www.suse.com/security/cve/CVE-2019-19531"
},
{
"category": "external",
"summary": "SUSE Bug 1158381 for CVE-2019-19531",
"url": "https://bugzilla.suse.com/1158381"
},
{
"category": "external",
"summary": "SUSE Bug 1158427 for CVE-2019-19531",
"url": "https://bugzilla.suse.com/1158427"
},
{
"category": "external",
"summary": "SUSE Bug 1158445 for CVE-2019-19531",
"url": "https://bugzilla.suse.com/1158445"
},
{
"category": "external",
"summary": "SUSE Bug 1158834 for CVE-2019-19531",
"url": "https://bugzilla.suse.com/1158834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T09:15:03Z",
"details": "low"
}
],
"title": "CVE-2019-19531"
},
{
"cve": "CVE-2019-19534",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19534"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 5.3.11, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_core.c driver, aka CID-f7a1337f0d29.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19534",
"url": "https://www.suse.com/security/cve/CVE-2019-19534"
},
{
"category": "external",
"summary": "SUSE Bug 1158381 for CVE-2019-19534",
"url": "https://bugzilla.suse.com/1158381"
},
{
"category": "external",
"summary": "SUSE Bug 1158398 for CVE-2019-19534",
"url": "https://bugzilla.suse.com/1158398"
},
{
"category": "external",
"summary": "SUSE Bug 1158834 for CVE-2019-19534",
"url": "https://bugzilla.suse.com/1158834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.4,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T09:15:03Z",
"details": "low"
}
],
"title": "CVE-2019-19534"
},
{
"cve": "CVE-2019-19536",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19536"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 5.2.9, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_pro.c driver, aka CID-ead16e53c2f0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19536",
"url": "https://www.suse.com/security/cve/CVE-2019-19536"
},
{
"category": "external",
"summary": "SUSE Bug 1158381 for CVE-2019-19536",
"url": "https://bugzilla.suse.com/1158381"
},
{
"category": "external",
"summary": "SUSE Bug 1158394 for CVE-2019-19536",
"url": "https://bugzilla.suse.com/1158394"
},
{
"category": "external",
"summary": "SUSE Bug 1158834 for CVE-2019-19536",
"url": "https://bugzilla.suse.com/1158834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.4,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T09:15:03Z",
"details": "low"
}
],
"title": "CVE-2019-19536"
},
{
"cve": "CVE-2019-19543",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19543"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 5.1.6, there is a use-after-free in serial_ir_init_module() in drivers/media/rc/serial_ir.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19543",
"url": "https://www.suse.com/security/cve/CVE-2019-19543"
},
{
"category": "external",
"summary": "SUSE Bug 1158427 for CVE-2019-19543",
"url": "https://bugzilla.suse.com/1158427"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.36.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.36.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T09:15:03Z",
"details": "low"
}
],
"title": "CVE-2019-19543"
}
]
}
SUSE-SU-2019:3289-1
Vulnerability from csaf_suse - Published: 2019-12-12 14:52 - Updated: 2019-12-12 14:52Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch: The SUSE Linux Enterprise 15 kernel-azure was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2019-19531: Fixed a use-after-free due to a malicious USB device in the drivers/usb/misc/yurex.c driver, aka CID-fc05481b2fca (bsc#1158445).
- CVE-2019-19543: Fixed a use-after-free in serial_ir_init_module() in drivers/media/rc/serial_ir.c (bsc#1158427).
- CVE-2019-19525: Fixed a use-after-free due to a malicious USB device in the drivers/net/ieee802154/atusb.c driver, aka CID-7fd25e6fc035 (bsc#1158417).
- CVE-2019-19530: Fixed a use-after-free due to a malicious USB device in the drivers/usb/class/cdc-acm.c driver, aka CID-c52873e5a1ef (bsc#1158410).
- CVE-2019-19536: Fixed a potential information leak due to a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_pro.c driver, aka CID-ead16e53c2f0 (bsc#1158394).
- CVE-2019-19524: Fixed a use-after-free due to a malicious USB device in the drivers/input/ff-memless.c driver, aka CID-fa3a5a1880c9 (bsc#1158413).
- CVE-2019-19528: Fixed a use-after-free due to a malicious USB device in the drivers/usb/misc/iowarrior.c driver, aka CID-edc4746f253d (bsc#1158407).
- CVE-2019-19534: Fixed a potential information leak due to a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_core.c driver, aka CID-f7a1337f0d29 (bsc#1158398).
- CVE-2019-19529: Fixed a use-after-free due to a malicious USB device in the drivers/net/can/usb/mcba_usb.c driver, aka CID-4d6636498c41 (bsc#1158381).
- CVE-2019-14901: Fixed a heap overflow in Marvell WiFi chip driver which could have allowed a remote attacker to cause denial of service or execute arbitrary code (bsc#1157042).
- CVE-2019-14895: Fixed a heap-based buffer overflow in Marvell WiFi chip driver which may occur when the station attempts a connection negotiation during the handling of the remote devices country settings leading to denial of service (bsc#1157158).
- CVE-2019-18660: Fixed a potential information leak on powerpc because the Spectre-RSB mitigation was not in place for all applicable CPUs, aka CID-39e72bf96f58 (bsc#1157038).
- CVE-2019-18683: Fixed a privilege escalation due to multiple race conditions (bsc#1155897).
- CVE-2019-18809: Fixed a memory leak in the af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c aka CID-2289adbfa559 (bsc#1156258).
- CVE-2019-19062: Fixed a memory leak in the crypto_report() function in crypto/crypto_user_base.c aka CID-ffdde5932042 (bsc#1157333).
- CVE-2019-19057: Fixed two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c aka CID-d10dcb615c8e (bsc#1157193).
- CVE-2019-19056: Fixed a memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() function in drivers/net/wireless/marvell/mwifiex/pcie.c aka CID-db8fd2cde932 (bsc#1157197).
- CVE-2019-19068: Fixed a memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c aka CID-a2cdd07488e6 (bsc#1157307).
- CVE-2019-19063: Fixed two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c aka CID-3f9361695113 (bsc#1157298).
- CVE-2019-19227: Fixed a potential null pointer dereference in the AppleTalk subsystem leadind to denial of service in net/appletalk/aarp.c and net/appletalk/ddp.c aka CID-9804501fa122 (bsc#1157678).
- CVE-2019-19065: Fixed a memory leak in the sdma_init() function in drivers/infiniband/hw/hfi1/sdma.c aka CID-34b3be18a04e (bsc#1157191).
- CVE-2019-19077: Fixed a memory leak in the bnxt_re_create_srq() function in drivers/infiniband/hw/bnxt_re/ib_verbs.c aka CID-4a9d46a9fe14 (bsc#1157171).
- CVE-2019-19052: Fixed a memory leak in the gs_can_open() function in drivers/net/can/usb/gs_usb.c aka CID-fb5be6a7b486 (bsc#1157324).
- CVE-2019-19067: Fixed multiple memory leaks in acp_hw_init (bsc#1157180).
- CVE-2019-19060: Fixed a memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c aka CID-ab612b1daf41 (bsc#1157178).
- CVE-2019-19049: Fixed a memory leak in unittest_data_add (bsc#1157173).
- CVE-2019-19075: Fixed a memory leak in the ca8210_probe() function in drivers/net/ieee802154/ca8210.c aka CID-6402939ec86e (bsc#1157162).
- CVE-2019-19058: Fixed a memory leak in the alloc_sgtable() function in drivers/net/wireless/intel/iwlwifi/fw/dbg.c aka CID-b4b814fec1a5 (bsc#1157145).
- CVE-2019-19074: Fixed a memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ath/ath9k/wmi.c aka CID-728c1e2a05e4 (bsc#1157143).
- CVE-2019-19073: Fixed multiple memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c aka CID-853acf7caf10 (bsc#1157070).
- CVE-2019-15916: Fixed a memory leak in register_queue_kobjects() in net/core/net-sysfs.c, which would have caused denial of service (bsc#1149448).
- CVE-2019-16231: Fixed a null pointer dereference in drivers/net/fjes/fjes_main.c (bsc#1150466).
- CVE-2019-0154: Fixed a local denial of service via read of unprotected i915 registers. (bsc#1135966)
- CVE-2019-0155: Fixed a privilege escalation in the i915 driver. Batch buffers from usermode could have escalated privileges via blitter command stream. (bsc#1135967)
The following non-security bugs were fixed:
- ACPICA: Never run _REG on system_memory and system_IO (bsc#1051510).
- ACPICA: Use %d for signed int print formatting instead of %u (bsc#1051510).
- ACPI / LPSS: Exclude I2C busses shared with PUNIT from pmc_atom_d3_mask (bsc#1051510).
- ACPI / SBS: Fix rare oops when removing modules (bsc#1051510).
- ALSA: 6fire: Drop the dead code (git-fixes).
- ALSA: bebob: fix to detect configured source of sampling clock for Focusrite Saffire Pro i/o series (git-fixes).
- ALSA: cs4236: fix error return comparison of an unsigned integer (git-fixes).
- ALSA: firewire-motu: Correct a typo in the clock proc string (git-fixes).
- ALSA: hda: Add Cometlake-S PCI ID (git-fixes).
- ALSA: hda - Add mute led support for HP ProBook 645 G4 (git-fixes).
- ALSA: hda - Fix pending unsol events at shutdown (git-fixes).
- ALSA: hda/intel: add CometLake PCI IDs (bsc#1156729).
- ALSA: hda/realtek - Move some alc236 pintbls to fallback table (git-fixes).
- ALSA: hda/realtek - Move some alc256 pintbls to fallback table (git-fixes).
- ALSA: i2c/cs8427: Fix int to char conversion (bsc#1051510).
- ALSA: intel8x0m: Register irq handler after register initializations (bsc#1051510).
- ALSA: pcm: Fix stream lock usage in snd_pcm_period_elapsed() (git-fixes).
- ALSA: pcm: signedness bug in snd_pcm_plug_alloc() (bsc#1051510).
- ALSA: seq: Do error checks at creating system ports (bsc#1051510).
- ALSA: timer: Fix incorrectly assigned timer instance (git-fixes).
- ALSA: usb-audio: Fix Focusrite Scarlett 6i6 gen1 - input handling (git-fixes).
- ALSA: usb-audio: Fix missing error check at mixer resolution test (git-fixes).
- ALSA: usb-audio: not submit urb for stopped endpoint (git-fixes).
- arm64: Update config files. (bsc#1156466) Enable HW_RANDOM_OMAP driver and mark driver omap-rng as supported.
- ASoC: davinci: Kill BUG_ON() usage (stable 4.14.y).
- ASoC: davinci-mcasp: Handle return value of devm_kasprintf (stable 4.14.y).
- ASoC: dpcm: Properly initialise hw->rate_max (bsc#1051510).
- ASoC: Intel: hdac_hdmi: Limit sampling rates at dai creation (bsc#1051510).
- ASoC: kirkwood: fix external clock probe defer (git-fixes).
- ASoC: msm8916-wcd-analog: Fix RX1 selection in RDAC2 MUX (git-fixes).
- ASoC: sgtl5000: avoid division by zero if lo_vag is zero (bsc#1051510).
- ASoC: tegra_sgtl5000: fix device_node refcounting (bsc#1051510).
- ASoC: tlv320aic31xx: Handle inverted BCLK in non-DSP modes (stable 4.14.y).
- ASoC: tlv320dac31xx: mark expected switch fall-through (stable 4.14.y).
- ata: ep93xx: Use proper enums for directions (bsc#1051510).
- ath10k: fix kernel panic by moving pci flush after napi_disable (bsc#1051510).
- ath10k: fix vdev-start timeout on error (bsc#1051510).
- ath10k: limit available channels via DT ieee80211-freq-limit (bsc#1051510).
- ath10k: wmi: disable softirq's while calling ieee80211_rx (bsc#1051510).
- ath9k: add back support for using active monitor interfaces for tx99 (bsc#1051510).
- ath9k: Fix a locking bug in ath9k_add_interface() (bsc#1051510).
- ath9k: fix reporting calculated new FFT upper max (bsc#1051510).
- ath9k: fix tx99 with monitor mode interface (bsc#1051510).
- ath9k_hw: fix uninitialized variable data (bsc#1051510).
- ax88172a: fix information leak on short answers (bsc#1051510).
- backlight: lm3639: Unconditionally call led_classdev_unregister (bsc#1051510).
- Bluetooth: btusb: fix PM leak in error case of setup (bsc#1051510).
- Bluetooth: delete a stray unlock (bsc#1051510).
- Bluetooth: Fix invalid-free in bcsp_close() (git-fixes).
- Bluetooth: Fix memory leak in hci_connect_le_scan (bsc#1051510).
- Bluetooth: hci_core: fix init for HCI_USER_CHANNEL (bsc#1051510).
- Bluetooth: L2CAP: Detect if remote is not able to use the whole MPS (bsc#1051510).
- brcmfmac: fix full timeout waiting for action frame on-channel tx (bsc#1051510).
- brcmfmac: reduce timeout for action frame scan (bsc#1051510).
- brcmsmac: AP mode: update beacon when TIM changes (bsc#1051510).
- brcmsmac: never log 'tid x is not agg'able' by default (bsc#1051510).
- Btrfs: fix log context list corruption after rename exchange operation (bsc#1156494).
- can: c_can: c_can_poll(): only read status register after status IRQ (git-fixes).
- can: mcba_usb: fix use-after-free on disconnect (git-fixes).
- can: peak_usb: fix a potential out-of-sync while decoding packets (git-fixes).
- can: peak_usb: fix slab info leak (git-fixes).
- can: rx-offload: can_rx_offload_offload_one(): do not increase the skb_queue beyond skb_queue_len_max (git-fixes).
- can: rx-offload: can_rx_offload_queue_sorted(): fix error handling, avoid skb mem leak (git-fixes).
- can: rx-offload: can_rx_offload_queue_tail(): fix error handling, avoid skb mem leak (git-fixes).
- can: usb_8dev: fix use-after-free on disconnect (git-fixes).
- ceph: add missing check in d_revalidate snapdir handling (bsc#1157183).
- ceph: do not try to handle hashed dentries in non-O_CREAT atomic_open (bsc#1157184).
- ceph: fix use-after-free in __ceph_remove_cap() (bsc#1154058).
- ceph: just skip unrecognized info in ceph_reply_info_extra (bsc#1157182).
- cfg80211: Avoid regulatory restore when COUNTRY_IE_IGNORE is set (bsc#1051510).
- cfg80211: call disconnect_wk when AP stops (bsc#1051510).
- cfg80211: Prevent regulatory restore during STA disconnect in concurrent interfaces (bsc#1051510).
- CIFS: add a helper to find an existing readable handle to a file (bsc#1144333, bsc#1154355).
- CIFS: avoid using MID 0xFFFF (bsc#1144333, bsc#1154355).
- CIFS: create a helper to find a writeable handle by path name (bsc#1144333, bsc#1154355).
- CIFS: Fix cifsInodeInfo lock_sem deadlock when reconnect occurs (bsc#1144333, bsc#1154355).
- CIFS: fix max ea value size (bsc#1144333, bsc#1154355).
- CIFS: Fix missed free operations (bsc#1144333, bsc#1154355).
- CIFS: Fix oplock handling for SMB 2.1+ protocols (bsc#1144333, bsc#1154355).
- CIFS: Fix retry mid list corruption on reconnects (bsc#1144333, bsc#1154355).
- CIFS: Fix SMB2 oplock break processing (bsc#1144333, bsc#1154355).
- CIFS: Fix use after free of file info structures (bsc#1144333, bsc#1154355).
- CIFS: Force reval dentry if LOOKUP_REVAL flag is set (bsc#1144333, bsc#1154355).
- CIFS: Force revalidate inode when dentry is stale (bsc#1144333, bsc#1154355).
- CIFS: Gracefully handle QueryInfo errors during open (bsc#1144333, bsc#1154355).
- CIFS: move cifsFileInfo_put logic into a work-queue (bsc#1144333, bsc#1154355).
- CIFS: prepare SMB2_Flush to be usable in compounds (bsc#1144333, bsc#1154355).
- CIFS: set domainName when a domain-key is used in multiuser (bsc#1144333, bsc#1154355).
- CIFS: use cifsInodeInfo->open_file_lock while iterating to avoid a panic (bsc#1144333, bsc#1154355).
- CIFS: use existing handle for compound_op(OP_SET_INFO) when possible (bsc#1144333, bsc#1154355).
- CIFS: Use kzfree() to zero out the password (bsc#1144333, bsc#1154355).
- clk: at91: avoid sleeping early (git-fixes).
- clk: pxa: fix one of the pxa RTC clocks (bsc#1051510).
- clk: samsung: exynos5420: Preserve CPU clocks configuration during suspend/resume (bsc#1051510).
- clk: samsung: exynos5420: Preserve PLL configuration during suspend/resume (git-fixes).
- clk: samsung: Use clk_hw API for calling clk framework from clk notifiers (bsc#1051510).
- clk: sunxi-ng: a80: fix the zero'ing of bits 16 and 18 (git-fixes).
- clocksource/drivers/sh_cmt: Fix clocksource width for 32-bit machines (bsc#1051510).
- clocksource/drivers/sh_cmt: Fixup for 64-bit machines (bsc#1051510).
- compat_ioctl: handle SIOCOUTQNSD (bsc#1051510).
- component: fix loop condition to call unbind() if bind() fails (bsc#1051510).
- cpufreq: intel_pstate: Register when ACPI PCCH is present (bsc#1051510).
- cpufreq/pasemi: fix use-after-free in pas_cpufreq_cpu_init() (bsc#1051510).
- cpufreq: powernv: fix stack bloat and hard limit on number of CPUs (bsc#1051510).
- cpufreq: Skip cpufreq resume if it's not suspended (bsc#1051510).
- cpufreq: ti-cpufreq: add missing of_node_put() (bsc#1051510).
- cpupower: Fix coredump on VMWare (bsc#1051510).
- cpupower : Fix cpupower working when cpu0 is offline (bsc#1051510).
- cpupower : frequency-set -r option misses the last cpu in related cpu list (bsc#1051510).
- crypto: af_alg - cast ki_complete ternary op to int (bsc#1051510).
- crypto: crypto4xx - fix double-free in crypto4xx_destroy_sdr (bsc#1051510).
- crypto: ecdh - fix big endian bug in ECC library (bsc#1051510).
- crypto: fix a memory leak in rsa-kcs1pad's encryption mode (bsc#1051510).
- crypto: geode-aes - switch to skcipher for cbc(aes) fallback (bsc#1051510).
- crypto: mxs-dcp - Fix AES issues (bsc#1051510).
- crypto: mxs-dcp - Fix SHA null hashes and output length (bsc#1051510).
- crypto: mxs-dcp - make symbols 'sha1_null_hash' and 'sha256_null_hash' static (bsc#1051510).
- crypto: s5p-sss: Fix Fix argument list alignment (bsc#1051510).
- crypto: tgr192 - remove unneeded semicolon (bsc#1051510).
- cw1200: Fix a signedness bug in cw1200_load_firmware() (bsc#1051510).
- cxgb4: fix panic when attaching to ULD fail (networking-stable-19_11_05).
- dccp: do not leak jiffies on the wire (networking-stable-19_11_05).
- Disable SGL_ALLOC
- dlm: do not leak kernel pointer to userspace (bsc#1051510).
- dlm: fix invalid free (bsc#1051510).
- dmaengine: dma-jz4780: Do not depend on MACH_JZ4780 (bsc#1051510).
- dmaengine: dma-jz4780: Further residue status fix (bsc#1051510).
- dmaengine: ep93xx: Return proper enum in ep93xx_dma_chan_direction (bsc#1051510).
- dmaengine: imx-sdma: fix use-after-free on probe error path (bsc#1051510).
- dmaengine: rcar-dmac: set scatter/gather max segment size (bsc#1051510).
- dmaengine: timb_dma: Use proper enum in td_prep_slave_sg (bsc#1051510).
- docs: move protection-keys.rst to the core-api book (bsc#1078248).
- Documentation: debugfs: Document debugfs helper for unsigned long values (git-fixes).
- Documentation: x86: convert protection-keys.txt to reST (bsc#1078248).
- drm/etnaviv: fix dumping of iommuv2 (bsc#1113722)
- drm/omap: fix max fclk divider for omap36xx (bsc#1113722)
- drm/radeon: fix bad DMA from INTERRUPT_CNTL2 (git-fixes).
- drm/radeon: fix si_enable_smc_cac() failed issue (bsc#1113722)
- e1000e: Drop unnecessary __E1000_DOWN bit twiddling (bsc#1158049).
- e1000e: Use dev_get_drvdata where possible (bsc#1158049).
- e1000e: Use rtnl_lock to prevent race conditions between net and pci/pm (bsc#1158049).
- EDAC/ghes: Fix Use after free in ghes_edac remove path (bsc#1114279).
- extcon: cht-wc: Return from default case to avoid warnings (bsc#1051510).
- fbdev: sbuslib: integer overflow in sbusfb_ioctl_helper() (bsc#1051510).
- fbdev: sbuslib: use checked version of put_user() (bsc#1051510).
- fix SCTP regression (networking-stable-19_10_24 bsc#1158082).
- ftrace: Introduce PERMANENT ftrace_ops flag (bsc#1120853).
- gpiolib: acpi: Add Terra Pad 1061 to the run_edge_events_on_boot_blacklist (bsc#1051510).
- gpio: mpc8xxx: Do not overwrite default irq_set_type callback (bsc#1051510).
- gpio: syscon: Fix possible NULL ptr usage (bsc#1051510).
- gsmi: Fix bug in append_to_eventlog sysfs handler (bsc#1051510).
- HID: Add ASUS T100CHI keyboard dock battery quirks (bsc#1051510).
- HID: Add quirk for Microsoft PIXART OEM mouse (bsc#1051510).
- HID: asus: Add T100CHI bluetooth keyboard dock special keys mapping (bsc#1051510).
- HID: Fix assumption that devices have inputs (git-fixes).
- HID: wacom: generic: Treat serial number and related fields as unsigned (git-fixes).
- hwmon: (ina3221) Fix INA3221_CONFIG_MODE macros (bsc#1051510).
- hwmon: (pwm-fan) Silence error on probe deferral (bsc#1051510).
- hwrng: omap3-rom - Call clk_disable_unprepare() on exit only if not idled (bsc#1051510).
- hwrng: omap - Fix RNG wait loop timeout (bsc#1051510).
- hypfs: Fix error number left in struct pointer member (bsc#1051510).
- ibmvnic: Bound waits for device queries (bsc#1155689 ltc#182047).
- ibmvnic: Fix completion structure initialization (bsc#1155689 ltc#182047).
- ibmvnic: Serialize device queries (bsc#1155689 ltc#182047).
- ibmvnic: Terminate waiting device threads after loss of service (bsc#1155689 ltc#182047).
- iio: adc: max9611: explicitly cast gain_selectors (bsc#1051510).
- iio: adc: stm32-adc: fix stopping dma (git-fixes).
- iio: dac: mcp4922: fix error handling in mcp4922_write_raw (bsc#1051510).
- iio: imu: adis16480: assign bias value only if operation succeeded (git-fixes).
- iio: imu: adis16480: make sure provided frequency is positive (git-fixes).
- iio: imu: adis: assign read val in debugfs hook only if op successful (git-fixes).
- iio: imu: adis: assign value only if return code zero in read funcs (git-fixes).
- include/linux/bitrev.h: fix constant bitrev (bsc#1114279).
- inet: stop leaking jiffies on the wire (networking-stable-19_11_05).
- Input: ff-memless - kill timer in destroy() (bsc#1051510).
- Input: silead - try firmware reload after unsuccessful resume (bsc#1051510).
- Input: st1232 - set INPUT_PROP_DIRECT property (bsc#1051510).
- Input: synaptics-rmi4 - clear IRQ enables for F54 (bsc#1051510).
- Input: synaptics-rmi4 - destroy F54 poller workqueue when removing (bsc#1051510).
- Input: synaptics-rmi4 - disable the relative position IRQ in the F12 driver (bsc#1051510).
- Input: synaptics-rmi4 - do not consume more data than we have (F11, F12) (bsc#1051510).
- Input: synaptics-rmi4 - fix video buffer size (git-fixes).
- intel_th: Fix a double put_device() in error path (git-fixes).
- iommu/vt-d: Fix QI_DEV_IOTLB_PFSID and QI_DEV_EIOTLB_PFSID macros (bsc#1158063).
- ipmi:dmi: Ignore IPMI SMBIOS entries with a zero base address (bsc#1051510).
- ipv4: Return -ENETUNREACH if we can't create route but saddr is valid (networking-stable-19_10_24).
- iwlwifi: api: annotate compressed BA notif array sizes (bsc#1051510).
- iwlwifi: check kasprintf() return value (bsc#1051510).
- iwlwifi: exclude GEO SAR support for 3168 (git-fixes).
- iwlwifi: mvm: avoid sending too many BARs (bsc#1051510).
- iwlwifi: mvm: do not send keys when entering D3 (bsc#1051510).
- kABI: Fix for 'KVM: x86: Introduce vcpu->arch.xsaves_enabled' (bsc#1158066).
- kABI workaround for ath10k last_wmi_vdev_start_status field (bsc#1051510).
- kABI workaround for struct mwifiex_power_cfg change (bsc#1051510).
- KVM: SVM: Guard against DEACTIVATE when performing WBINVD/DF_FLUSH (bsc#1114279).
- KVM: SVM: Serialize access to the SEV ASID bitmap (bsc#1114279).
- KVM: VMX: Consider PID.PIR to determine if vCPU has pending interrupts (bsc#1158064).
- KVM: VMX: Fix conditions for guest IA32_XSS support (bsc#1158065).
- KVM: x86: Introduce vcpu->arch.xsaves_enabled (bsc#1158066).
- KVM: x86/mmu: Take slots_lock when using kvm_mmu_zap_all_fast() (bsc#1158067).
- lib/scatterlist: Fix chaining support in sgl_alloc_order() (git-fixes).
- lib/scatterlist: Introduce sgl_alloc() and sgl_free() (git-fixes).
- liquidio: fix race condition in instruction completion processing (bsc#1051510).
- livepatch: Allow to distinguish different version of system state changes (bsc#1071995).
- livepatch: Basic API to track system state changes (bsc#1071995 ).
- livepatch: Keep replaced patches until post_patch callback is called (bsc#1071995).
- livepatch: Selftests of the API for tracking system state changes (bsc#1071995).
- loop: add ioctl for changing logical block size (bsc#1108043).
- mac80211: consider QoS Null frames for STA_NULLFUNC_ACKED (bsc#1051510).
- mac80211: minstrel: fix CCK rate group streams value (bsc#1051510).
- mac80211: minstrel: fix sampling/reporting of CCK rates in HT mode (bsc#1051510).
- macvlan: schedule bc_work even if error (bsc#1051510).
- mailbox: reset txdone_method TXDONE_BY_POLL if client knows_txdone (git-fixes).
- media: au0828: Fix incorrect error messages (bsc#1051510).
- media: bdisp: fix memleak on release (git-fixes).
- media: cxusb: detect cxusb_ctrl_msg error in query (bsc#1051510).
- media: davinci: Fix implicit enum conversion warning (bsc#1051510).
- media: exynos4-is: Fix recursive locking in isp_video_release() (git-fixes).
- media: fix: media: pci: meye: validate offset to avoid arbitrary access (bsc#1051510).
- media: flexcop-usb: ensure -EIO is returned on error condition (git-fixes).
- media: imon: invalid dereference in imon_touch_event (bsc#1051510).
- media: isif: fix a NULL pointer dereference bug (bsc#1051510).
- media: pci: ivtv: Fix a sleep-in-atomic-context bug in ivtv_yuv_init() (bsc#1051510).
- media: pxa_camera: Fix check for pdev->dev.of_node (bsc#1051510).
- media: radio: wl1273: fix interrupt masking on release (git-fixes).
- media: ti-vpe: vpe: Fix Motion Vector vpdma stride (git-fixes).
- media: usbvision: Fix races among open, close, and disconnect (bsc#1051510).
- media: vim2m: Fix abort issue (git-fixes).
- media: vivid: Set vid_cap_streaming and vid_out_streaming to true (bsc#1051510).
- mei: fix modalias documentation (git-fixes).
- mei: samples: fix a signedness bug in amt_host_if_call() (bsc#1051510).
- mfd: intel-lpss: Add default I2C device properties for Gemini Lake (bsc#1051510).
- mfd: max8997: Enale irq-wakeup unconditionally (bsc#1051510).
- mfd: mc13xxx-core: Fix PMIC shutdown when reading ADC values (bsc#1051510).
- mfd: palmas: Assign the right powerhold mask for tps65917 (git-fixes).
- mfd: ti_am335x_tscadc: Keep ADC interface on if child is wakeup capable (bsc#1051510).
- mISDN: Fix type of switch control variable in ctrl_teimanager (bsc#1051510).
- mlx5: add parameter to disable enhanced IPoIB (bsc#1142095)
- mlx5: add parameter to disable enhanced IPoIB (bsc#1142095)
- mmc: core: fix wl1251 sdio quirks (git-fixes).
- mmc: host: omap_hsmmc: add code for special init of wl1251 to get rid of pandora_wl1251_init_card (git-fixes).
- mmc: mediatek: fix cannot receive new request when msdc_cmd_is_ready fail (bsc#1051510).
- mm/compaction.c: clear total_{migrate,free}_scanned before scanning a new zone (git fixes (mm/compaction)).
- mmc: sdhci-esdhc-imx: correct the fix of ERR004536 (git-fixes).
- mmc: sdhci-of-at91: fix quirk2 overwrite (git-fixes).
- mmc: sdio: fix wl1251 vendor id (git-fixes).
- mm/debug.c: PageAnon() is true for PageKsm() pages (git fixes (mm/debug)).
- mm, thp: Do not make page table dirty unconditionally in touch_p[mu]d() (git fixes (mm/gup)).
- mt7601u: fix bbp version check in mt7601u_wait_bbp_ready (bsc#1051510).
- mtd: nand: mtk: fix incorrect register setting order about ecc irq.
- mtd: spear_smi: Fix Write Burst mode (bsc#1051510).
- mtd: spi-nor: fix silent truncation in spi_nor_read() (bsc#1051510).
- mwifiex: Fix NL80211_TX_POWER_LIMITED (bsc#1051510).
- net: add READ_ONCE() annotation in __skb_wait_for_more_packets() (networking-stable-19_11_05).
- net: add skb_queue_empty_lockless() (networking-stable-19_11_05).
- net: annotate accesses to sk->sk_incoming_cpu (networking-stable-19_11_05).
- net: annotate lockless accesses to sk->sk_napi_id (networking-stable-19_11_05).
- net: avoid potential infinite loop in tc_ctl_action() (networking-stable-19_10_24).
- net: bcmgenet: Fix RGMII_MODE_EN value for GENET v1/2/3 (networking-stable-19_10_24).
- net: bcmgenet: reset 40nm EPHY on energy detect (networking-stable-19_11_05).
- net: bcmgenet: Set phydev->dev_flags only for internal PHYs (networking-stable-19_10_24).
- net: dsa: b53: Do not clear existing mirrored port mask (networking-stable-19_11_05).
- net: dsa: bcm_sf2: Fix IMP setup for port different than 8 (networking-stable-19_11_05).
- net: dsa: fix switch tree list (networking-stable-19_11_05).
- net: ethernet: ftgmac100: Fix DMA coherency issue with SW checksum (networking-stable-19_11_05).
- net: fix sk_page_frag() recursion from memory reclaim (networking-stable-19_11_05).
- net: hisilicon: Fix ping latency when deal with high throughput (networking-stable-19_11_05).
- net/ibmvnic: Ignore H_FUNCTION return from H_EOI to tolerate XIVE mode (bsc#1089644, ltc#166495, ltc#165544, git-fixes).
- net/mlx4_core: Dynamically set guaranteed amount of counters per VF (networking-stable-19_11_05).
- net/mlx5e: Fix handling of compressed CQEs in case of low NAPI budget (networking-stable-19_11_05).
- netns: fix GFP flags in rtnl_net_notifyid() (networking-stable-19_11_05).
- net: stmmac: disable/enable ptp_ref_clk in suspend/resume flow (networking-stable-19_10_24).
- net: use skb_queue_empty_lockless() in busy poll contexts (networking-stable-19_11_05).
- net: use skb_queue_empty_lockless() in poll() handlers (networking-stable-19_11_05).
- net: wireless: ti: remove local VENDOR_ID and DEVICE_ID definitions (git-fixes).
- net: wireless: ti: wl1251 use new SDIO_VENDOR_ID_TI_WL1251 definition (git-fixes).
- net: Zeroing the structure ethtool_wolinfo in ethtool_get_wol() (networking-stable-19_11_05).
- nfc: netlink: fix double device reference drop (git-fixes).
- nfc: nxp-nci: Fix NULL pointer dereference after I2C communication error (git-fixes).
- nfc: port100: handle command failure cleanly (git-fixes).
- nl80211: Fix a GET_KEY reply attribute (bsc#1051510).
- openvswitch: fix flow command message size (git-fixes).
- padata: use smp_mb in padata_reorder to avoid orphaned padata jobs (git-fixes).
- PCI/ACPI: Correct error message for ASPM disabling (bsc#1051510).
- PCI: Apply Cavium ACS quirk to ThunderX2 and ThunderX3 (bsc#1051510).
- PCI: dwc: Fix find_next_bit() usage (bsc#1051510).
- PCI: Fix Intel ACS quirk UPDCR register address (bsc#1051510).
- PCI/MSI: Fix incorrect MSI-X masking on resume (bsc#1051510).
- PCI/PME: Fix possible use-after-free on remove (git-fixes).
- PCI/PTM: Remove spurious 'd' from granularity message (bsc#1051510).
- PCI: rcar: Fix missing MACCTLR register setting in initialization sequence (bsc#1051510).
- PCI: sysfs: Ignore lockdep for remove attribute (git-fixes).
- PCI: tegra: Enable Relaxed Ordering only for Tegra20 & Tegra30 (git-fixes).
- phy: phy-twl4030-usb: fix denied runtime access (git-fixes).
- pinctl: ti: iodelay: fix error checking on pinctrl_count_index_with_args call (git-fixes).
- pinctrl: at91: do not use the same irqchip with multiple gpiochips (git-fixes).
- pinctrl: cherryview: Allocate IRQ chip dynamic (git-fixes).
- pinctrl: lewisburg: Update pin list according to v1.1v6 (bsc#1051510).
- pinctrl: lpc18xx: Use define directive for PIN_CONFIG_GPIO_PIN_INT (bsc#1051510).
- pinctrl: qcom: spmi-gpio: fix gpio-hog related boot issues (bsc#1051510).
- pinctrl: samsung: Fix device node refcount leaks in init code (bsc#1051510).
- pinctrl: samsung: Fix device node refcount leaks in S3C24xx wakeup controller init (bsc#1051510).
- pinctrl: samsung: Fix device node refcount leaks in S3C64xx wakeup controller init (bsc#1051510).
- pinctrl: sunxi: Fix a memory leak in 'sunxi_pinctrl_build_state()' (bsc#1051510).
- pinctrl: zynq: Use define directive for PIN_CONFIG_IO_STANDARD (bsc#1051510).
- PM / devfreq: Check NULL governor in available_governors_show (git-fixes).
- PM / devfreq: exynos-bus: Correct clock enable sequence (bsc#1051510).
- PM / devfreq: Lock devfreq in trans_stat_show (git-fixes).
- PM / devfreq: passive: fix compiler warning (bsc#1051510).
- PM / devfreq: passive: Use non-devm notifiers (bsc#1051510).
- PM / hibernate: Check the success of generating md5 digest before hibernation (bsc#1051510).
- powerpc/64: Make meltdown reporting Book3S 64 specific (bsc#1091041).
- powerpc/book3s64/hash: Use secondary hash for bolted mapping if the primary is full (bsc#1157778 ltc#182520).
- powerpc/bpf: Fix tail call implementation (bsc#1157698).
- powerpc/pseries: address checkpatch warnings in dlpar_offline_cpu (bsc#1156700 ltc#182459).
- powerpc/pseries: Do not fail hash page table insert for bolted mapping (bsc#1157778 ltc#182520).
- powerpc/pseries: Do not opencode HPTE_V_BOLTED (bsc#1157778 ltc#182520).
- powerpc/pseries: safely roll back failed DLPAR cpu add (bsc#1156700 ltc#182459).
- powerpc/security/book3s64: Report L1TF status in sysfs (bsc#1091041).
- powerpc/security: Fix wrong message when RFI Flush is disable (bsc#1131107).
- powerpc/xive: Prevent page fault issues in the machine crash handler (bsc#1156882 ltc#182435).
- power: reset: at91-poweroff: do not procede if at91_shdwc is allocated (bsc#1051510).
- power: supply: ab8500_fg: silence uninitialized variable warnings (bsc#1051510).
- power: supply: max14656: fix potential use-after-free (bsc#1051510).
- power: supply: twl4030_charger: disable eoc interrupt on linear charge (bsc#1051510).
- power: supply: twl4030_charger: fix charging current out-of-bounds (bsc#1051510).
- ppdev: fix PPGETTIME/PPSETTIME ioctls (bsc#1051510).
- printk: Export console_printk (bsc#1071995).
- pwm: bcm-iproc: Prevent unloading the driver module while in use (git-fixes).
- pwm: lpss: Only set update bit if we are actually changing the settings (bsc#1051510).
- r8152: add device id for Lenovo ThinkPad USB-C Dock Gen 2 (networking-stable-19_11_05).
- regulator: ab8500: Remove AB8505 USB regulator (bsc#1051510).
- regulator: ab8500: Remove SYSCLKREQ from enum ab8505_regulator_id (bsc#1051510).
- remoteproc: Check for NULL firmwares in sysfs interface (git-fixes).
- Remove patches that reportedly cause regression (bsc#1155689 ltc#182047).
- reset: fix of_reset_simple_xlate kerneldoc comment (bsc#1051510).
- reset: Fix potential use-after-free in __of_reset_control_get() (bsc#1051510).
- reset: fix reset_control_get_exclusive kerneldoc comment (bsc#1051510).
- Revert 'drm/etnaviv: fix dumping of iommuv2 (bsc#1113722)' This reverts commit 71e3a1b8d8cf73f711f3e4100aa51f68e631f94f.
- rpm/kernel-binary.spec.in: add COMPRESS_VMLINUX (bnc#1155921) Let COMPRESS_VMLINUX determine the compression used for vmlinux. By default (historically), it is gz.
- rpm/kernel-source.spec.in: Fix dependency of kernel-devel (bsc#1154043)
- rtl8187: Fix warning generated when strncpy() destination length matches the sixe argument (bsc#1051510).
- rtlwifi: Remove unnecessary NULL check in rtl_regd_init (bsc#1051510).
- rtlwifi: rtl8192de: Fix misleading REG_MCUFWDL information (bsc#1051510).
- rtlwifi: rtl8192de: Fix missing code to retrieve RX buffer address (bsc#1051510).
- rtlwifi: rtl8192de: Fix missing enable interrupt flag (bsc#1051510).
- s390/bpf: fix lcgr instruction encoding (bsc#1051510).
- s390/bpf: use 32-bit index for tail calls (bsc#1051510).
- s390/cio: avoid calling strlen on null pointer (bsc#1051510).
- s390/cio: exclude subchannels with no parent from pseudo check (bsc#1051510).
- s390/cmm: fix information leak in cmm_timeout_handler() (bsc#1051510).
- s390: fix stfle zero padding (bsc#1051510).
- s390/idle: fix cpu idle time calculation (bsc#1051510).
- s390/mm: properly clear _PAGE_NOEXEC bit when it is not supported (bsc#1051510).
- s390/process: avoid potential reading of freed stack (bsc#1051510).
- s390/qdio: do not touch the dsci in tiqdio_add_input_queues() (bsc#1051510).
- s390/qdio: (re-)initialize tiqdio list entries (bsc#1051510).
- s390/qeth: return proper errno on IO error (bsc#1051510).
- s390/setup: fix boot crash for machine without EDAT-1 (bsc#1051510 bsc#1140948).
- s390/setup: fix early warning messages (bsc#1051510 bsc#1140948).
- s390/topology: avoid firing events before kobjs are created (bsc#1051510).
- sc16is7xx: Fix for 'Unexpected interrupt: 8' (bsc#1051510).
- scsi: lpfc: Fix Oops in nvme_register with target logout/login (bsc#1151900).
- scsi: lpfc: Honor module parameter lpfc_use_adisc (bsc#1153628).
- scsi: lpfc: Limit xri count for kdump environment (bsc#1154124).
- scsi: qla2xxx: Add debug dump of LOGO payload and ELS IOCB (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).
- scsi: qla2xxx: Allow PLOGI in target mode (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).
- scsi: qla2xxx: Change discovery state before PLOGI (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).
- scsi: qla2xxx: Configure local loop for N2N target (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).
- scsi: qla2xxx: Do command completion on abort timeout (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).
- scsi: qla2xxx: Do not call qlt_async_event twice (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).
- scsi: qla2xxx: Do not defer relogin unconditonally (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).
- scsi: qla2xxx: do not use zero for FC4_PRIORITY_NVME (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).
- scsi: qla2xxx: Drop superfluous INIT_WORK of del_work (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).
- scsi: qla2xxx: Fix a dma_pool_free() call (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).
- scsi: qla2xxx: Fix device connect issues in P2P configuration (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).
- scsi: qla2xxx: Fix double scsi_done for abort path (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).
- scsi: qla2xxx: Fix driver unload hang (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).
- scsi: qla2xxx: Fix memory leak when sending I/O fails (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).
- scsi: qla2xxx: Fix PLOGI payload and ELS IOCB dump length (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).
- scsi: qla2xxx: Fix qla2x00_request_irqs() for MSI (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).
- scsi: qla2xxx: fix rports not being mark as lost in sync fabric scan (bsc#1138039).
- scsi: qla2xxx: Fix SRB leak on switch command timeout (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).
- scsi: qla2xxx: Ignore NULL pointer in tcm_qla2xxx_free_mcmd (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).
- scsi: qla2xxx: Ignore PORT UPDATE after N2N PLOGI (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).
- scsi: qla2xxx: initialize fc4_type_priority (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).
- scsi: qla2xxx: Initialize free_work before flushing it (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).
- scsi: qla2xxx: Remove an include directive (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).
- scsi: qla2xxx: Retry PLOGI on FC-NVMe PRLI failure (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).
- scsi: qla2xxx: Send Notify ACK after N2N PLOGI (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).
- scsi: qla2xxx: unregister ports after GPN_FT failure (bsc#1138039).
- scsi: qla2xxx: Update driver version to 10.01.00.21-k (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).
- scsi: qla2xxx: Use explicit LOGO in target mode (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).
- scsi: sd: Ignore a failure to sync cache due to lack of authorization (git-fixes).
- scsi: storvsc: Add ability to change scsi queue depth (bsc#1155021).
- scsi: zfcp: fix request object use-after-free in send path causing wrong traces (bsc#1051510).
- sctp: change sctp_prot .no_autobind with true (networking-stable-19_10_24).
- selftests: net: reuseport_dualstack: fix uninitalized parameter (networking-stable-19_11_05).
- serial: fix kernel-doc warning in comments (bsc#1051510).
- serial: mctrl_gpio: Check for NULL pointer (bsc#1051510).
- serial: mxs-auart: Fix potential infinite loop (bsc#1051510).
- serial: samsung: Enable baud clock for UART reset procedure in resume (bsc#1051510).
- serial: uartlite: fix exit path null pointer (bsc#1051510).
- serial: uartps: Fix suspend functionality (bsc#1051510).
- signal: Properly set TRACE_SIGNAL_LOSE_INFO in __send_signal (bsc#1157463).
- slcan: Fix memory leak in error path (bsc#1051510).
- slip: Fix memory leak in slip_open error path (bsc#1051510).
- slip: Fix use-after-free Read in slip_open (bsc#1051510).
- smb3: fix leak in 'open on server' perf counter (bsc#1144333, bsc#1154355).
- smb3: fix signing verification of large reads (bsc#1144333, bsc#1154355).
- smb3: fix unmount hang in open_shroot (bsc#1144333, bsc#1154355).
- smb3: improve handling of share deleted (and share recreated) (bsc#1144333, bsc#1154355).
- smb3: Incorrect size for netname negotiate context (bsc#1144333, bsc#1154355).
- soc: imx: gpc: fix PDN delay (bsc#1051510).
- soc: qcom: wcnss_ctrl: Avoid string overflow (bsc#1051510).
- spi: atmel: Fix CS high support (bsc#1051510).
- spi: atmel: fix handling of cs_change set on non-last xfer (bsc#1051510).
- spi: fsl-lpspi: Prevent FIFO under/overrun by default (bsc#1051510).
- spi: mediatek: Do not modify spi_transfer when transfer (bsc#1051510).
- spi: mediatek: use correct mata->xfer_len when in fifo transfer (bsc#1051510).
- spi: pic32: Use proper enum in dmaengine_prep_slave_rg (bsc#1051510).
- spi: rockchip: initialize dma_slave_config properly (bsc#1051510).
- spi: spidev: Fix OF tree warning logic (bsc#1051510).
- staging: rtl8188eu: fix null dereference when kzalloc fails (bsc#1051510).
- supported.conf:
- synclink_gt(): fix compat_ioctl() (bsc#1051510).
- tcp_nv: fix potential integer overflow in tcpnv_acked (bsc#1051510).
- thunderbolt: Fix lockdep circular locking depedency warning (git-fixes).
- tipc: Avoid copying bytes beyond the supplied data (bsc#1051510).
- tipc: check bearer name with right length in tipc_nl_compat_bearer_enable (bsc#1051510).
- tipc: check link name with right length in tipc_nl_compat_link_set (bsc#1051510).
- tipc: check msg->req data len in tipc_nl_compat_bearer_disable (bsc#1051510).
- tipc: compat: allow tipc commands without arguments (bsc#1051510).
- tipc: fix tipc_mon_delete() oops in tipc_enable_bearer() error path (bsc#1051510).
- tipc: fix wrong timeout input for tipc_wait_for_cond() (bsc#1051510).
- tipc: handle the err returned from cmd header function (bsc#1051510).
- tipc: pass tunnel dev as NULL to udp_tunnel(6)_xmit_skb (bsc#1051510).
- tipc: tipc clang warning (bsc#1051510).
- tpm: add check after commands attribs tab allocation (bsc#1051510).
- tracing: Get trace_array reference for available_tracers files (bsc#1156429).
- tty: serial: fsl_lpuart: use the sg count from dma_map_sg (bsc#1051510).
- tty: serial: imx: use the sg count from dma_map_sg (bsc#1051510).
- tty: serial: msm_serial: Fix flow control (bsc#1051510).
- tty: serial: pch_uart: correct usage of dma_unmap_sg (bsc#1051510).
- UAS: Revert commit 3ae62a42090f ('UAS: fix alignment of scatter/gather segments').
- udp: use skb_queue_empty_lockless() (networking-stable-19_11_05).
- USB: chaoskey: fix error case of a timeout (git-fixes).
- USB: chipidea: Fix otg event handler (bsc#1051510).
- USB: chipidea: imx: enable OTG overcurrent in case USB subsystem is already started (bsc#1051510).
- USB: dwc3: gadget: Check ENBLSLPM before sending ep command (bsc#1051510).
- USB: gadget: Reject endpoints with 0 maxpacket value (bsc#1051510).
- USB: gadget: udc: fotg210-udc: Fix a sleep-in-atomic-context bug in fotg210_get_status() (bsc#1051510).
- USB: gadget: uvc: configfs: Drop leaked references to config items (bsc#1051510).
- USB: gadget: uvc: configfs: Prevent format changes after linking header (bsc#1051510).
- USB: gadget: uvc: Factor out video USB request queueing (bsc#1051510).
- USB: gadget: uvc: Only halt video streaming endpoint in bulk mode (bsc#1051510).
- USB: handle warm-reset port requests on hub resume (bsc#1051510).
- USBIP: add config dependency for SGL_ALLOC (git-fixes).
- USBip: Fix free of unallocated memory in vhci tx (git-fixes).
- USBip: Fix vhci_urb_enqueue() URB null transfer buffer error path (git-fixes).
- USBip: Implement SG support to vhci-hcd and stub driver (git-fixes).
- USBip: tools: fix fd leakage in the function of read_attr_usbip_status (git-fixes).
- USB: misc: appledisplay: fix backlight update_status return code (bsc#1051510).
- usb-serial: cp201x: support Mark-10 digital force gauge (bsc#1051510).
- USB: serial: mos7720: fix remote wakeup (git-fixes).
- USB: serial: mos7840: add USB ID to support Moxa UPort 2210 (bsc#1051510).
- USB: serial: mos7840: fix remote wakeup (git-fixes).
- USB: serial: option: add support for DW5821e with eSIM support (bsc#1051510).
- USB: serial: option: add support for Foxconn T77W968 LTE modules (bsc#1051510).
- USB: serial: whiteheat: fix line-speed endianness (bsc#1051510).
- usb-storage: Revert commit 747668dbc061 ('usb-storage: Set virt_boundary_mask to avoid SG overflows') (bsc#1051510).
- USB: xhci-mtk: fix ISOC error when interval is zero (bsc#1051510).
- vfio-ccw: Fix misleading comment when setting orb.cmd.c64 (bsc#1051510).
- vfio: ccw: push down unsupported IDA check (bsc#1156471 LTC#182362).
- vfio-ccw: Set pa_nr to 0 if memory allocation fails for pa_iova_pfn (bsc#1051510).
- video/hdmi: Fix AVI bar unpack (git-fixes).
- virtio_console: allocate inbufs in add_port() only if it is needed (git-fixes).
- virtio_ring: fix return code on DMA mapping fails (git-fixes).
- virtio/s390: fix race on airq_areas (bsc#1051510).
- vmxnet3: turn off lro when rxcsum is disabled (bsc#1157499).
- vsock/virtio: fix sock refcnt holding during the shutdown (git-fixes).
- watchdog: meson: Fix the wrong value of left time (bsc#1051510).
- x86/alternatives: Add int3_emulate_call() selftest (bsc#1153811).
- x86/alternatives: Fix int3_emulate_call() selftest stack corruption (bsc#1153811).
- x86/mm/pkeys: Fix typo in Documentation/x86/protection-keys.txt (bsc#1078248).
- x86/pkeys: Update documentation about availability (bsc#1078248).
- x86/resctrl: Fix potential lockdep warning (bsc#1114279).
- x86/resctrl: Prevent NULL pointer dereference when reading mondata (bsc#1114279).
- x86/speculation/taa: Fix printing of TAA_MSG_SMT on IBRS_ALL CPUs (bsc#1158068).
- xfrm: fix sa selector validation (bsc#1156609).
- xfrm: Fix xfrm sel prefix length validation (git-fixes).
Patchnames: SUSE-2019-3289,SUSE-SLE-Module-Public-Cloud-15-2019-3289
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.5 (Medium)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
4 (Medium)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.7 (Medium)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.3 (Medium)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.7 (Medium)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4 (Medium)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.6 (Medium)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.5 (Medium)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.4 (Medium)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.4 (Medium)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
5.1 (Medium)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.8 (Medium)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
4.3 (Medium)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.6 (Medium)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.6 (Medium)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
References
224 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "The SUSE Linux Enterprise 15 kernel-azure was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2019-19531: Fixed a use-after-free due to a malicious USB device in the drivers/usb/misc/yurex.c driver, aka CID-fc05481b2fca (bsc#1158445).\n- CVE-2019-19543: Fixed a use-after-free in serial_ir_init_module() in drivers/media/rc/serial_ir.c (bsc#1158427).\n- CVE-2019-19525: Fixed a use-after-free due to a malicious USB device in the drivers/net/ieee802154/atusb.c driver, aka CID-7fd25e6fc035 (bsc#1158417).\n- CVE-2019-19530: Fixed a use-after-free due to a malicious USB device in the drivers/usb/class/cdc-acm.c driver, aka CID-c52873e5a1ef (bsc#1158410).\n- CVE-2019-19536: Fixed a potential information leak due to a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_pro.c driver, aka CID-ead16e53c2f0 (bsc#1158394).\n- CVE-2019-19524: Fixed a use-after-free due to a malicious USB device in the drivers/input/ff-memless.c driver, aka CID-fa3a5a1880c9 (bsc#1158413).\n- CVE-2019-19528: Fixed a use-after-free due to a malicious USB device in the drivers/usb/misc/iowarrior.c driver, aka CID-edc4746f253d (bsc#1158407).\n- CVE-2019-19534: Fixed a potential information leak due to a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_core.c driver, aka CID-f7a1337f0d29 (bsc#1158398).\n- CVE-2019-19529: Fixed a use-after-free due to a malicious USB device in the drivers/net/can/usb/mcba_usb.c driver, aka CID-4d6636498c41 (bsc#1158381).\n- CVE-2019-14901: Fixed a heap overflow in Marvell WiFi chip driver which could have allowed a remote attacker to cause denial of service or execute arbitrary code (bsc#1157042).\n- CVE-2019-14895: Fixed a heap-based buffer overflow in Marvell WiFi chip driver which may occur when the station attempts a connection negotiation during the handling of the remote devices country settings leading to denial of service (bsc#1157158).\n- CVE-2019-18660: Fixed a potential information leak on powerpc because the Spectre-RSB mitigation was not in place for all applicable CPUs, aka CID-39e72bf96f58 (bsc#1157038).\n- CVE-2019-18683: Fixed a privilege escalation due to multiple race conditions (bsc#1155897).\n- CVE-2019-18809: Fixed a memory leak in the af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c aka CID-2289adbfa559 (bsc#1156258).\n- CVE-2019-19062: Fixed a memory leak in the crypto_report() function in crypto/crypto_user_base.c aka CID-ffdde5932042 (bsc#1157333).\n- CVE-2019-19057: Fixed two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c aka CID-d10dcb615c8e (bsc#1157193).\n- CVE-2019-19056: Fixed a memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() function in drivers/net/wireless/marvell/mwifiex/pcie.c aka CID-db8fd2cde932 (bsc#1157197).\n- CVE-2019-19068: Fixed a memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c aka CID-a2cdd07488e6 (bsc#1157307).\n- CVE-2019-19063: Fixed two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c aka CID-3f9361695113 (bsc#1157298).\n- CVE-2019-19227: Fixed a potential null pointer dereference in the AppleTalk subsystem leadind to denial of service in net/appletalk/aarp.c and net/appletalk/ddp.c aka CID-9804501fa122 (bsc#1157678).\n- CVE-2019-19065: Fixed a memory leak in the sdma_init() function in drivers/infiniband/hw/hfi1/sdma.c aka CID-34b3be18a04e (bsc#1157191).\n- CVE-2019-19077: Fixed a memory leak in the bnxt_re_create_srq() function in drivers/infiniband/hw/bnxt_re/ib_verbs.c aka CID-4a9d46a9fe14 (bsc#1157171).\n- CVE-2019-19052: Fixed a memory leak in the gs_can_open() function in drivers/net/can/usb/gs_usb.c aka CID-fb5be6a7b486 (bsc#1157324).\n- CVE-2019-19067: Fixed multiple memory leaks in acp_hw_init (bsc#1157180).\n- CVE-2019-19060: Fixed a memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c aka CID-ab612b1daf41 (bsc#1157178).\n- CVE-2019-19049: Fixed a memory leak in unittest_data_add (bsc#1157173).\n- CVE-2019-19075: Fixed a memory leak in the ca8210_probe() function in drivers/net/ieee802154/ca8210.c aka CID-6402939ec86e (bsc#1157162).\n- CVE-2019-19058: Fixed a memory leak in the alloc_sgtable() function in drivers/net/wireless/intel/iwlwifi/fw/dbg.c aka CID-b4b814fec1a5 (bsc#1157145).\n- CVE-2019-19074: Fixed a memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ath/ath9k/wmi.c aka CID-728c1e2a05e4 (bsc#1157143).\n- CVE-2019-19073: Fixed multiple memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c aka CID-853acf7caf10 (bsc#1157070).\n- CVE-2019-15916: Fixed a memory leak in register_queue_kobjects() in net/core/net-sysfs.c, which would have caused denial of service (bsc#1149448).\n- CVE-2019-16231: Fixed a null pointer dereference in drivers/net/fjes/fjes_main.c (bsc#1150466).\n- CVE-2019-0154: Fixed a local denial of service via read of unprotected i915 registers. (bsc#1135966)\n- CVE-2019-0155: Fixed a privilege escalation in the i915 driver. Batch buffers from usermode could have escalated privileges via blitter command stream. (bsc#1135967)\n\nThe following non-security bugs were fixed:\n\n- ACPICA: Never run _REG on system_memory and system_IO (bsc#1051510).\n- ACPICA: Use %d for signed int print formatting instead of %u (bsc#1051510).\n- ACPI / LPSS: Exclude I2C busses shared with PUNIT from pmc_atom_d3_mask (bsc#1051510).\n- ACPI / SBS: Fix rare oops when removing modules (bsc#1051510).\n- ALSA: 6fire: Drop the dead code (git-fixes).\n- ALSA: bebob: fix to detect configured source of sampling clock for Focusrite Saffire Pro i/o series (git-fixes).\n- ALSA: cs4236: fix error return comparison of an unsigned integer (git-fixes).\n- ALSA: firewire-motu: Correct a typo in the clock proc string (git-fixes).\n- ALSA: hda: Add Cometlake-S PCI ID (git-fixes).\n- ALSA: hda - Add mute led support for HP ProBook 645 G4 (git-fixes).\n- ALSA: hda - Fix pending unsol events at shutdown (git-fixes).\n- ALSA: hda/intel: add CometLake PCI IDs (bsc#1156729).\n- ALSA: hda/realtek - Move some alc236 pintbls to fallback table (git-fixes).\n- ALSA: hda/realtek - Move some alc256 pintbls to fallback table (git-fixes).\n- ALSA: i2c/cs8427: Fix int to char conversion (bsc#1051510).\n- ALSA: intel8x0m: Register irq handler after register initializations (bsc#1051510).\n- ALSA: pcm: Fix stream lock usage in snd_pcm_period_elapsed() (git-fixes).\n- ALSA: pcm: signedness bug in snd_pcm_plug_alloc() (bsc#1051510).\n- ALSA: seq: Do error checks at creating system ports (bsc#1051510).\n- ALSA: timer: Fix incorrectly assigned timer instance (git-fixes).\n- ALSA: usb-audio: Fix Focusrite Scarlett 6i6 gen1 - input handling (git-fixes).\n- ALSA: usb-audio: Fix missing error check at mixer resolution test (git-fixes).\n- ALSA: usb-audio: not submit urb for stopped endpoint (git-fixes).\n- arm64: Update config files. (bsc#1156466) Enable HW_RANDOM_OMAP driver and mark driver omap-rng as supported.\n- ASoC: davinci: Kill BUG_ON() usage (stable 4.14.y).\n- ASoC: davinci-mcasp: Handle return value of devm_kasprintf (stable 4.14.y).\n- ASoC: dpcm: Properly initialise hw-\u003erate_max (bsc#1051510).\n- ASoC: Intel: hdac_hdmi: Limit sampling rates at dai creation (bsc#1051510).\n- ASoC: kirkwood: fix external clock probe defer (git-fixes).\n- ASoC: msm8916-wcd-analog: Fix RX1 selection in RDAC2 MUX (git-fixes).\n- ASoC: sgtl5000: avoid division by zero if lo_vag is zero (bsc#1051510).\n- ASoC: tegra_sgtl5000: fix device_node refcounting (bsc#1051510).\n- ASoC: tlv320aic31xx: Handle inverted BCLK in non-DSP modes (stable 4.14.y).\n- ASoC: tlv320dac31xx: mark expected switch fall-through (stable 4.14.y).\n- ata: ep93xx: Use proper enums for directions (bsc#1051510).\n- ath10k: fix kernel panic by moving pci flush after napi_disable (bsc#1051510).\n- ath10k: fix vdev-start timeout on error (bsc#1051510).\n- ath10k: limit available channels via DT ieee80211-freq-limit (bsc#1051510).\n- ath10k: wmi: disable softirq\u0027s while calling ieee80211_rx (bsc#1051510).\n- ath9k: add back support for using active monitor interfaces for tx99 (bsc#1051510).\n- ath9k: Fix a locking bug in ath9k_add_interface() (bsc#1051510).\n- ath9k: fix reporting calculated new FFT upper max (bsc#1051510).\n- ath9k: fix tx99 with monitor mode interface (bsc#1051510).\n- ath9k_hw: fix uninitialized variable data (bsc#1051510).\n- ax88172a: fix information leak on short answers (bsc#1051510).\n- backlight: lm3639: Unconditionally call led_classdev_unregister (bsc#1051510).\n- Bluetooth: btusb: fix PM leak in error case of setup (bsc#1051510).\n- Bluetooth: delete a stray unlock (bsc#1051510).\n- Bluetooth: Fix invalid-free in bcsp_close() (git-fixes).\n- Bluetooth: Fix memory leak in hci_connect_le_scan (bsc#1051510).\n- Bluetooth: hci_core: fix init for HCI_USER_CHANNEL (bsc#1051510).\n- Bluetooth: L2CAP: Detect if remote is not able to use the whole MPS (bsc#1051510).\n- brcmfmac: fix full timeout waiting for action frame on-channel tx (bsc#1051510).\n- brcmfmac: reduce timeout for action frame scan (bsc#1051510).\n- brcmsmac: AP mode: update beacon when TIM changes (bsc#1051510).\n- brcmsmac: never log \u0027tid x is not agg\u0027able\u0027 by default (bsc#1051510).\n- Btrfs: fix log context list corruption after rename exchange operation (bsc#1156494).\n- can: c_can: c_can_poll(): only read status register after status IRQ (git-fixes).\n- can: mcba_usb: fix use-after-free on disconnect (git-fixes).\n- can: peak_usb: fix a potential out-of-sync while decoding packets (git-fixes).\n- can: peak_usb: fix slab info leak (git-fixes).\n- can: rx-offload: can_rx_offload_offload_one(): do not increase the skb_queue beyond skb_queue_len_max (git-fixes).\n- can: rx-offload: can_rx_offload_queue_sorted(): fix error handling, avoid skb mem leak (git-fixes).\n- can: rx-offload: can_rx_offload_queue_tail(): fix error handling, avoid skb mem leak (git-fixes).\n- can: usb_8dev: fix use-after-free on disconnect (git-fixes).\n- ceph: add missing check in d_revalidate snapdir handling (bsc#1157183).\n- ceph: do not try to handle hashed dentries in non-O_CREAT atomic_open (bsc#1157184).\n- ceph: fix use-after-free in __ceph_remove_cap() (bsc#1154058).\n- ceph: just skip unrecognized info in ceph_reply_info_extra (bsc#1157182).\n- cfg80211: Avoid regulatory restore when COUNTRY_IE_IGNORE is set (bsc#1051510).\n- cfg80211: call disconnect_wk when AP stops (bsc#1051510).\n- cfg80211: Prevent regulatory restore during STA disconnect in concurrent interfaces (bsc#1051510).\n- CIFS: add a helper to find an existing readable handle to a file (bsc#1144333, bsc#1154355).\n- CIFS: avoid using MID 0xFFFF (bsc#1144333, bsc#1154355).\n- CIFS: create a helper to find a writeable handle by path name (bsc#1144333, bsc#1154355).\n- CIFS: Fix cifsInodeInfo lock_sem deadlock when reconnect occurs (bsc#1144333, bsc#1154355).\n- CIFS: fix max ea value size (bsc#1144333, bsc#1154355).\n- CIFS: Fix missed free operations (bsc#1144333, bsc#1154355).\n- CIFS: Fix oplock handling for SMB 2.1+ protocols (bsc#1144333, bsc#1154355).\n- CIFS: Fix retry mid list corruption on reconnects (bsc#1144333, bsc#1154355).\n- CIFS: Fix SMB2 oplock break processing (bsc#1144333, bsc#1154355).\n- CIFS: Fix use after free of file info structures (bsc#1144333, bsc#1154355).\n- CIFS: Force reval dentry if LOOKUP_REVAL flag is set (bsc#1144333, bsc#1154355).\n- CIFS: Force revalidate inode when dentry is stale (bsc#1144333, bsc#1154355).\n- CIFS: Gracefully handle QueryInfo errors during open (bsc#1144333, bsc#1154355).\n- CIFS: move cifsFileInfo_put logic into a work-queue (bsc#1144333, bsc#1154355).\n- CIFS: prepare SMB2_Flush to be usable in compounds (bsc#1144333, bsc#1154355).\n- CIFS: set domainName when a domain-key is used in multiuser (bsc#1144333, bsc#1154355).\n- CIFS: use cifsInodeInfo-\u003eopen_file_lock while iterating to avoid a panic (bsc#1144333, bsc#1154355).\n- CIFS: use existing handle for compound_op(OP_SET_INFO) when possible (bsc#1144333, bsc#1154355).\n- CIFS: Use kzfree() to zero out the password (bsc#1144333, bsc#1154355).\n- clk: at91: avoid sleeping early (git-fixes).\n- clk: pxa: fix one of the pxa RTC clocks (bsc#1051510).\n- clk: samsung: exynos5420: Preserve CPU clocks configuration during suspend/resume (bsc#1051510).\n- clk: samsung: exynos5420: Preserve PLL configuration during suspend/resume (git-fixes).\n- clk: samsung: Use clk_hw API for calling clk framework from clk notifiers (bsc#1051510).\n- clk: sunxi-ng: a80: fix the zero\u0027ing of bits 16 and 18 (git-fixes).\n- clocksource/drivers/sh_cmt: Fix clocksource width for 32-bit machines (bsc#1051510).\n- clocksource/drivers/sh_cmt: Fixup for 64-bit machines (bsc#1051510).\n- compat_ioctl: handle SIOCOUTQNSD (bsc#1051510).\n- component: fix loop condition to call unbind() if bind() fails (bsc#1051510).\n- cpufreq: intel_pstate: Register when ACPI PCCH is present (bsc#1051510).\n- cpufreq/pasemi: fix use-after-free in pas_cpufreq_cpu_init() (bsc#1051510).\n- cpufreq: powernv: fix stack bloat and hard limit on number of CPUs (bsc#1051510).\n- cpufreq: Skip cpufreq resume if it\u0027s not suspended (bsc#1051510).\n- cpufreq: ti-cpufreq: add missing of_node_put() (bsc#1051510).\n- cpupower: Fix coredump on VMWare (bsc#1051510).\n- cpupower : Fix cpupower working when cpu0 is offline (bsc#1051510).\n- cpupower : frequency-set -r option misses the last cpu in related cpu list (bsc#1051510).\n- crypto: af_alg - cast ki_complete ternary op to int (bsc#1051510).\n- crypto: crypto4xx - fix double-free in crypto4xx_destroy_sdr (bsc#1051510).\n- crypto: ecdh - fix big endian bug in ECC library (bsc#1051510).\n- crypto: fix a memory leak in rsa-kcs1pad\u0027s encryption mode (bsc#1051510).\n- crypto: geode-aes - switch to skcipher for cbc(aes) fallback (bsc#1051510).\n- crypto: mxs-dcp - Fix AES issues (bsc#1051510).\n- crypto: mxs-dcp - Fix SHA null hashes and output length (bsc#1051510).\n- crypto: mxs-dcp - make symbols \u0027sha1_null_hash\u0027 and \u0027sha256_null_hash\u0027 static (bsc#1051510).\n- crypto: s5p-sss: Fix Fix argument list alignment (bsc#1051510).\n- crypto: tgr192 - remove unneeded semicolon (bsc#1051510).\n- cw1200: Fix a signedness bug in cw1200_load_firmware() (bsc#1051510).\n- cxgb4: fix panic when attaching to ULD fail (networking-stable-19_11_05).\n- dccp: do not leak jiffies on the wire (networking-stable-19_11_05).\n- Disable SGL_ALLOC\n- dlm: do not leak kernel pointer to userspace (bsc#1051510).\n- dlm: fix invalid free (bsc#1051510).\n- dmaengine: dma-jz4780: Do not depend on MACH_JZ4780 (bsc#1051510).\n- dmaengine: dma-jz4780: Further residue status fix (bsc#1051510).\n- dmaengine: ep93xx: Return proper enum in ep93xx_dma_chan_direction (bsc#1051510).\n- dmaengine: imx-sdma: fix use-after-free on probe error path (bsc#1051510).\n- dmaengine: rcar-dmac: set scatter/gather max segment size (bsc#1051510).\n- dmaengine: timb_dma: Use proper enum in td_prep_slave_sg (bsc#1051510).\n- docs: move protection-keys.rst to the core-api book (bsc#1078248).\n- Documentation: debugfs: Document debugfs helper for unsigned long values (git-fixes).\n- Documentation: x86: convert protection-keys.txt to reST (bsc#1078248).\n- drm/etnaviv: fix dumping of iommuv2 (bsc#1113722)\n- drm/omap: fix max fclk divider for omap36xx (bsc#1113722)\n- drm/radeon: fix bad DMA from INTERRUPT_CNTL2 (git-fixes).\n- drm/radeon: fix si_enable_smc_cac() failed issue (bsc#1113722)\n- e1000e: Drop unnecessary __E1000_DOWN bit twiddling (bsc#1158049).\n- e1000e: Use dev_get_drvdata where possible (bsc#1158049).\n- e1000e: Use rtnl_lock to prevent race conditions between net and pci/pm (bsc#1158049).\n- EDAC/ghes: Fix Use after free in ghes_edac remove path (bsc#1114279).\n- extcon: cht-wc: Return from default case to avoid warnings (bsc#1051510).\n- fbdev: sbuslib: integer overflow in sbusfb_ioctl_helper() (bsc#1051510).\n- fbdev: sbuslib: use checked version of put_user() (bsc#1051510).\n- fix SCTP regression (networking-stable-19_10_24 bsc#1158082).\n- ftrace: Introduce PERMANENT ftrace_ops flag (bsc#1120853).\n- gpiolib: acpi: Add Terra Pad 1061 to the run_edge_events_on_boot_blacklist (bsc#1051510).\n- gpio: mpc8xxx: Do not overwrite default irq_set_type callback (bsc#1051510).\n- gpio: syscon: Fix possible NULL ptr usage (bsc#1051510).\n- gsmi: Fix bug in append_to_eventlog sysfs handler (bsc#1051510).\n- HID: Add ASUS T100CHI keyboard dock battery quirks (bsc#1051510).\n- HID: Add quirk for Microsoft PIXART OEM mouse (bsc#1051510).\n- HID: asus: Add T100CHI bluetooth keyboard dock special keys mapping (bsc#1051510).\n- HID: Fix assumption that devices have inputs (git-fixes).\n- HID: wacom: generic: Treat serial number and related fields as unsigned (git-fixes).\n- hwmon: (ina3221) Fix INA3221_CONFIG_MODE macros (bsc#1051510).\n- hwmon: (pwm-fan) Silence error on probe deferral (bsc#1051510).\n- hwrng: omap3-rom - Call clk_disable_unprepare() on exit only if not idled (bsc#1051510).\n- hwrng: omap - Fix RNG wait loop timeout (bsc#1051510).\n- hypfs: Fix error number left in struct pointer member (bsc#1051510).\n- ibmvnic: Bound waits for device queries (bsc#1155689 ltc#182047).\n- ibmvnic: Fix completion structure initialization (bsc#1155689 ltc#182047).\n- ibmvnic: Serialize device queries (bsc#1155689 ltc#182047).\n- ibmvnic: Terminate waiting device threads after loss of service (bsc#1155689 ltc#182047).\n- iio: adc: max9611: explicitly cast gain_selectors (bsc#1051510).\n- iio: adc: stm32-adc: fix stopping dma (git-fixes).\n- iio: dac: mcp4922: fix error handling in mcp4922_write_raw (bsc#1051510).\n- iio: imu: adis16480: assign bias value only if operation succeeded (git-fixes).\n- iio: imu: adis16480: make sure provided frequency is positive (git-fixes).\n- iio: imu: adis: assign read val in debugfs hook only if op successful (git-fixes).\n- iio: imu: adis: assign value only if return code zero in read funcs (git-fixes).\n- include/linux/bitrev.h: fix constant bitrev (bsc#1114279).\n- inet: stop leaking jiffies on the wire (networking-stable-19_11_05).\n- Input: ff-memless - kill timer in destroy() (bsc#1051510).\n- Input: silead - try firmware reload after unsuccessful resume (bsc#1051510).\n- Input: st1232 - set INPUT_PROP_DIRECT property (bsc#1051510).\n- Input: synaptics-rmi4 - clear IRQ enables for F54 (bsc#1051510).\n- Input: synaptics-rmi4 - destroy F54 poller workqueue when removing (bsc#1051510).\n- Input: synaptics-rmi4 - disable the relative position IRQ in the F12 driver (bsc#1051510).\n- Input: synaptics-rmi4 - do not consume more data than we have (F11, F12) (bsc#1051510).\n- Input: synaptics-rmi4 - fix video buffer size (git-fixes).\n- intel_th: Fix a double put_device() in error path (git-fixes).\n- iommu/vt-d: Fix QI_DEV_IOTLB_PFSID and QI_DEV_EIOTLB_PFSID macros (bsc#1158063).\n- ipmi:dmi: Ignore IPMI SMBIOS entries with a zero base address (bsc#1051510).\n- ipv4: Return -ENETUNREACH if we can\u0027t create route but saddr is valid (networking-stable-19_10_24).\n- iwlwifi: api: annotate compressed BA notif array sizes (bsc#1051510).\n- iwlwifi: check kasprintf() return value (bsc#1051510).\n- iwlwifi: exclude GEO SAR support for 3168 (git-fixes).\n- iwlwifi: mvm: avoid sending too many BARs (bsc#1051510).\n- iwlwifi: mvm: do not send keys when entering D3 (bsc#1051510).\n- kABI: Fix for \u0027KVM: x86: Introduce vcpu-\u003earch.xsaves_enabled\u0027 (bsc#1158066).\n- kABI workaround for ath10k last_wmi_vdev_start_status field (bsc#1051510).\n- kABI workaround for struct mwifiex_power_cfg change (bsc#1051510).\n- KVM: SVM: Guard against DEACTIVATE when performing WBINVD/DF_FLUSH (bsc#1114279).\n- KVM: SVM: Serialize access to the SEV ASID bitmap (bsc#1114279).\n- KVM: VMX: Consider PID.PIR to determine if vCPU has pending interrupts (bsc#1158064).\n- KVM: VMX: Fix conditions for guest IA32_XSS support (bsc#1158065).\n- KVM: x86: Introduce vcpu-\u003earch.xsaves_enabled (bsc#1158066).\n- KVM: x86/mmu: Take slots_lock when using kvm_mmu_zap_all_fast() (bsc#1158067).\n- lib/scatterlist: Fix chaining support in sgl_alloc_order() (git-fixes).\n- lib/scatterlist: Introduce sgl_alloc() and sgl_free() (git-fixes).\n- liquidio: fix race condition in instruction completion processing (bsc#1051510).\n- livepatch: Allow to distinguish different version of system state changes (bsc#1071995).\n- livepatch: Basic API to track system state changes (bsc#1071995 ).\n- livepatch: Keep replaced patches until post_patch callback is called (bsc#1071995).\n- livepatch: Selftests of the API for tracking system state changes (bsc#1071995).\n- loop: add ioctl for changing logical block size (bsc#1108043).\n- mac80211: consider QoS Null frames for STA_NULLFUNC_ACKED (bsc#1051510).\n- mac80211: minstrel: fix CCK rate group streams value (bsc#1051510).\n- mac80211: minstrel: fix sampling/reporting of CCK rates in HT mode (bsc#1051510).\n- macvlan: schedule bc_work even if error (bsc#1051510).\n- mailbox: reset txdone_method TXDONE_BY_POLL if client knows_txdone (git-fixes).\n- media: au0828: Fix incorrect error messages (bsc#1051510).\n- media: bdisp: fix memleak on release (git-fixes).\n- media: cxusb: detect cxusb_ctrl_msg error in query (bsc#1051510).\n- media: davinci: Fix implicit enum conversion warning (bsc#1051510).\n- media: exynos4-is: Fix recursive locking in isp_video_release() (git-fixes).\n- media: fix: media: pci: meye: validate offset to avoid arbitrary access (bsc#1051510).\n- media: flexcop-usb: ensure -EIO is returned on error condition (git-fixes).\n- media: imon: invalid dereference in imon_touch_event (bsc#1051510).\n- media: isif: fix a NULL pointer dereference bug (bsc#1051510).\n- media: pci: ivtv: Fix a sleep-in-atomic-context bug in ivtv_yuv_init() (bsc#1051510).\n- media: pxa_camera: Fix check for pdev-\u003edev.of_node (bsc#1051510).\n- media: radio: wl1273: fix interrupt masking on release (git-fixes).\n- media: ti-vpe: vpe: Fix Motion Vector vpdma stride (git-fixes).\n- media: usbvision: Fix races among open, close, and disconnect (bsc#1051510).\n- media: vim2m: Fix abort issue (git-fixes).\n- media: vivid: Set vid_cap_streaming and vid_out_streaming to true (bsc#1051510).\n- mei: fix modalias documentation (git-fixes).\n- mei: samples: fix a signedness bug in amt_host_if_call() (bsc#1051510).\n- mfd: intel-lpss: Add default I2C device properties for Gemini Lake (bsc#1051510).\n- mfd: max8997: Enale irq-wakeup unconditionally (bsc#1051510).\n- mfd: mc13xxx-core: Fix PMIC shutdown when reading ADC values (bsc#1051510).\n- mfd: palmas: Assign the right powerhold mask for tps65917 (git-fixes).\n- mfd: ti_am335x_tscadc: Keep ADC interface on if child is wakeup capable (bsc#1051510).\n- mISDN: Fix type of switch control variable in ctrl_teimanager (bsc#1051510).\n- mlx5: add parameter to disable enhanced IPoIB (bsc#1142095)\n- mlx5: add parameter to disable enhanced IPoIB (bsc#1142095) \n- mmc: core: fix wl1251 sdio quirks (git-fixes).\n- mmc: host: omap_hsmmc: add code for special init of wl1251 to get rid of pandora_wl1251_init_card (git-fixes).\n- mmc: mediatek: fix cannot receive new request when msdc_cmd_is_ready fail (bsc#1051510).\n- mm/compaction.c: clear total_{migrate,free}_scanned before scanning a new zone (git fixes (mm/compaction)).\n- mmc: sdhci-esdhc-imx: correct the fix of ERR004536 (git-fixes).\n- mmc: sdhci-of-at91: fix quirk2 overwrite (git-fixes).\n- mmc: sdio: fix wl1251 vendor id (git-fixes).\n- mm/debug.c: PageAnon() is true for PageKsm() pages (git fixes (mm/debug)).\n- mm, thp: Do not make page table dirty unconditionally in touch_p[mu]d() (git fixes (mm/gup)).\n- mt7601u: fix bbp version check in mt7601u_wait_bbp_ready (bsc#1051510).\n- mtd: nand: mtk: fix incorrect register setting order about ecc irq.\n- mtd: spear_smi: Fix Write Burst mode (bsc#1051510).\n- mtd: spi-nor: fix silent truncation in spi_nor_read() (bsc#1051510).\n- mwifiex: Fix NL80211_TX_POWER_LIMITED (bsc#1051510).\n- net: add READ_ONCE() annotation in __skb_wait_for_more_packets() (networking-stable-19_11_05).\n- net: add skb_queue_empty_lockless() (networking-stable-19_11_05).\n- net: annotate accesses to sk-\u003esk_incoming_cpu (networking-stable-19_11_05).\n- net: annotate lockless accesses to sk-\u003esk_napi_id (networking-stable-19_11_05).\n- net: avoid potential infinite loop in tc_ctl_action() (networking-stable-19_10_24).\n- net: bcmgenet: Fix RGMII_MODE_EN value for GENET v1/2/3 (networking-stable-19_10_24).\n- net: bcmgenet: reset 40nm EPHY on energy detect (networking-stable-19_11_05).\n- net: bcmgenet: Set phydev-\u003edev_flags only for internal PHYs (networking-stable-19_10_24).\n- net: dsa: b53: Do not clear existing mirrored port mask (networking-stable-19_11_05).\n- net: dsa: bcm_sf2: Fix IMP setup for port different than 8 (networking-stable-19_11_05).\n- net: dsa: fix switch tree list (networking-stable-19_11_05).\n- net: ethernet: ftgmac100: Fix DMA coherency issue with SW checksum (networking-stable-19_11_05).\n- net: fix sk_page_frag() recursion from memory reclaim (networking-stable-19_11_05).\n- net: hisilicon: Fix ping latency when deal with high throughput (networking-stable-19_11_05).\n- net/ibmvnic: Ignore H_FUNCTION return from H_EOI to tolerate XIVE mode (bsc#1089644, ltc#166495, ltc#165544, git-fixes).\n- net/mlx4_core: Dynamically set guaranteed amount of counters per VF (networking-stable-19_11_05).\n- net/mlx5e: Fix handling of compressed CQEs in case of low NAPI budget (networking-stable-19_11_05).\n- netns: fix GFP flags in rtnl_net_notifyid() (networking-stable-19_11_05).\n- net: stmmac: disable/enable ptp_ref_clk in suspend/resume flow (networking-stable-19_10_24).\n- net: use skb_queue_empty_lockless() in busy poll contexts (networking-stable-19_11_05).\n- net: use skb_queue_empty_lockless() in poll() handlers (networking-stable-19_11_05).\n- net: wireless: ti: remove local VENDOR_ID and DEVICE_ID definitions (git-fixes).\n- net: wireless: ti: wl1251 use new SDIO_VENDOR_ID_TI_WL1251 definition (git-fixes).\n- net: Zeroing the structure ethtool_wolinfo in ethtool_get_wol() (networking-stable-19_11_05).\n- nfc: netlink: fix double device reference drop (git-fixes).\n- nfc: nxp-nci: Fix NULL pointer dereference after I2C communication error (git-fixes).\n- nfc: port100: handle command failure cleanly (git-fixes).\n- nl80211: Fix a GET_KEY reply attribute (bsc#1051510).\n- openvswitch: fix flow command message size (git-fixes).\n- padata: use smp_mb in padata_reorder to avoid orphaned padata jobs (git-fixes).\n- PCI/ACPI: Correct error message for ASPM disabling (bsc#1051510).\n- PCI: Apply Cavium ACS quirk to ThunderX2 and ThunderX3 (bsc#1051510).\n- PCI: dwc: Fix find_next_bit() usage (bsc#1051510).\n- PCI: Fix Intel ACS quirk UPDCR register address (bsc#1051510).\n- PCI/MSI: Fix incorrect MSI-X masking on resume (bsc#1051510).\n- PCI/PME: Fix possible use-after-free on remove (git-fixes).\n- PCI/PTM: Remove spurious \u0027d\u0027 from granularity message (bsc#1051510).\n- PCI: rcar: Fix missing MACCTLR register setting in initialization sequence (bsc#1051510).\n- PCI: sysfs: Ignore lockdep for remove attribute (git-fixes).\n- PCI: tegra: Enable Relaxed Ordering only for Tegra20 \u0026 Tegra30 (git-fixes).\n- phy: phy-twl4030-usb: fix denied runtime access (git-fixes).\n- pinctl: ti: iodelay: fix error checking on pinctrl_count_index_with_args call (git-fixes).\n- pinctrl: at91: do not use the same irqchip with multiple gpiochips (git-fixes).\n- pinctrl: cherryview: Allocate IRQ chip dynamic (git-fixes).\n- pinctrl: lewisburg: Update pin list according to v1.1v6 (bsc#1051510).\n- pinctrl: lpc18xx: Use define directive for PIN_CONFIG_GPIO_PIN_INT (bsc#1051510).\n- pinctrl: qcom: spmi-gpio: fix gpio-hog related boot issues (bsc#1051510).\n- pinctrl: samsung: Fix device node refcount leaks in init code (bsc#1051510).\n- pinctrl: samsung: Fix device node refcount leaks in S3C24xx wakeup controller init (bsc#1051510).\n- pinctrl: samsung: Fix device node refcount leaks in S3C64xx wakeup controller init (bsc#1051510).\n- pinctrl: sunxi: Fix a memory leak in \u0027sunxi_pinctrl_build_state()\u0027 (bsc#1051510).\n- pinctrl: zynq: Use define directive for PIN_CONFIG_IO_STANDARD (bsc#1051510).\n- PM / devfreq: Check NULL governor in available_governors_show (git-fixes).\n- PM / devfreq: exynos-bus: Correct clock enable sequence (bsc#1051510).\n- PM / devfreq: Lock devfreq in trans_stat_show (git-fixes).\n- PM / devfreq: passive: fix compiler warning (bsc#1051510).\n- PM / devfreq: passive: Use non-devm notifiers (bsc#1051510).\n- PM / hibernate: Check the success of generating md5 digest before hibernation (bsc#1051510).\n- powerpc/64: Make meltdown reporting Book3S 64 specific (bsc#1091041).\n- powerpc/book3s64/hash: Use secondary hash for bolted mapping if the primary is full (bsc#1157778 ltc#182520).\n- powerpc/bpf: Fix tail call implementation (bsc#1157698).\n- powerpc/pseries: address checkpatch warnings in dlpar_offline_cpu (bsc#1156700 ltc#182459).\n- powerpc/pseries: Do not fail hash page table insert for bolted mapping (bsc#1157778 ltc#182520).\n- powerpc/pseries: Do not opencode HPTE_V_BOLTED (bsc#1157778 ltc#182520).\n- powerpc/pseries: safely roll back failed DLPAR cpu add (bsc#1156700 ltc#182459).\n- powerpc/security/book3s64: Report L1TF status in sysfs (bsc#1091041).\n- powerpc/security: Fix wrong message when RFI Flush is disable (bsc#1131107).\n- powerpc/xive: Prevent page fault issues in the machine crash handler (bsc#1156882 ltc#182435).\n- power: reset: at91-poweroff: do not procede if at91_shdwc is allocated (bsc#1051510).\n- power: supply: ab8500_fg: silence uninitialized variable warnings (bsc#1051510).\n- power: supply: max14656: fix potential use-after-free (bsc#1051510).\n- power: supply: twl4030_charger: disable eoc interrupt on linear charge (bsc#1051510).\n- power: supply: twl4030_charger: fix charging current out-of-bounds (bsc#1051510).\n- ppdev: fix PPGETTIME/PPSETTIME ioctls (bsc#1051510).\n- printk: Export console_printk (bsc#1071995).\n- pwm: bcm-iproc: Prevent unloading the driver module while in use (git-fixes).\n- pwm: lpss: Only set update bit if we are actually changing the settings (bsc#1051510).\n- r8152: add device id for Lenovo ThinkPad USB-C Dock Gen 2 (networking-stable-19_11_05).\n- regulator: ab8500: Remove AB8505 USB regulator (bsc#1051510).\n- regulator: ab8500: Remove SYSCLKREQ from enum ab8505_regulator_id (bsc#1051510).\n- remoteproc: Check for NULL firmwares in sysfs interface (git-fixes).\n- Remove patches that reportedly cause regression (bsc#1155689 ltc#182047).\n- reset: fix of_reset_simple_xlate kerneldoc comment (bsc#1051510).\n- reset: Fix potential use-after-free in __of_reset_control_get() (bsc#1051510).\n- reset: fix reset_control_get_exclusive kerneldoc comment (bsc#1051510).\n- Revert \u0027drm/etnaviv: fix dumping of iommuv2 (bsc#1113722)\u0027 This reverts commit 71e3a1b8d8cf73f711f3e4100aa51f68e631f94f. \n- rpm/kernel-binary.spec.in: add COMPRESS_VMLINUX (bnc#1155921) Let COMPRESS_VMLINUX determine the compression used for vmlinux. By default (historically), it is gz.\n- rpm/kernel-source.spec.in: Fix dependency of kernel-devel (bsc#1154043)\n- rtl8187: Fix warning generated when strncpy() destination length matches the sixe argument (bsc#1051510).\n- rtlwifi: Remove unnecessary NULL check in rtl_regd_init (bsc#1051510).\n- rtlwifi: rtl8192de: Fix misleading REG_MCUFWDL information (bsc#1051510).\n- rtlwifi: rtl8192de: Fix missing code to retrieve RX buffer address (bsc#1051510).\n- rtlwifi: rtl8192de: Fix missing enable interrupt flag (bsc#1051510).\n- s390/bpf: fix lcgr instruction encoding (bsc#1051510).\n- s390/bpf: use 32-bit index for tail calls (bsc#1051510).\n- s390/cio: avoid calling strlen on null pointer (bsc#1051510).\n- s390/cio: exclude subchannels with no parent from pseudo check (bsc#1051510).\n- s390/cmm: fix information leak in cmm_timeout_handler() (bsc#1051510).\n- s390: fix stfle zero padding (bsc#1051510).\n- s390/idle: fix cpu idle time calculation (bsc#1051510).\n- s390/mm: properly clear _PAGE_NOEXEC bit when it is not supported (bsc#1051510).\n- s390/process: avoid potential reading of freed stack (bsc#1051510).\n- s390/qdio: do not touch the dsci in tiqdio_add_input_queues() (bsc#1051510).\n- s390/qdio: (re-)initialize tiqdio list entries (bsc#1051510).\n- s390/qeth: return proper errno on IO error (bsc#1051510).\n- s390/setup: fix boot crash for machine without EDAT-1 (bsc#1051510 bsc#1140948).\n- s390/setup: fix early warning messages (bsc#1051510 bsc#1140948).\n- s390/topology: avoid firing events before kobjs are created (bsc#1051510).\n- sc16is7xx: Fix for \u0027Unexpected interrupt: 8\u0027 (bsc#1051510).\n- scsi: lpfc: Fix Oops in nvme_register with target logout/login (bsc#1151900).\n- scsi: lpfc: Honor module parameter lpfc_use_adisc (bsc#1153628).\n- scsi: lpfc: Limit xri count for kdump environment (bsc#1154124).\n- scsi: qla2xxx: Add debug dump of LOGO payload and ELS IOCB (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).\n- scsi: qla2xxx: Allow PLOGI in target mode (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).\n- scsi: qla2xxx: Change discovery state before PLOGI (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).\n- scsi: qla2xxx: Configure local loop for N2N target (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).\n- scsi: qla2xxx: Do command completion on abort timeout (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).\n- scsi: qla2xxx: Do not call qlt_async_event twice (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).\n- scsi: qla2xxx: Do not defer relogin unconditonally (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).\n- scsi: qla2xxx: do not use zero for FC4_PRIORITY_NVME (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).\n- scsi: qla2xxx: Drop superfluous INIT_WORK of del_work (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).\n- scsi: qla2xxx: Fix a dma_pool_free() call (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).\n- scsi: qla2xxx: Fix device connect issues in P2P configuration (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).\n- scsi: qla2xxx: Fix double scsi_done for abort path (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).\n- scsi: qla2xxx: Fix driver unload hang (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).\n- scsi: qla2xxx: Fix memory leak when sending I/O fails (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).\n- scsi: qla2xxx: Fix PLOGI payload and ELS IOCB dump length (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).\n- scsi: qla2xxx: Fix qla2x00_request_irqs() for MSI (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).\n- scsi: qla2xxx: fix rports not being mark as lost in sync fabric scan (bsc#1138039).\n- scsi: qla2xxx: Fix SRB leak on switch command timeout (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).\n- scsi: qla2xxx: Ignore NULL pointer in tcm_qla2xxx_free_mcmd (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).\n- scsi: qla2xxx: Ignore PORT UPDATE after N2N PLOGI (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).\n- scsi: qla2xxx: initialize fc4_type_priority (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).\n- scsi: qla2xxx: Initialize free_work before flushing it (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).\n- scsi: qla2xxx: Remove an include directive (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).\n- scsi: qla2xxx: Retry PLOGI on FC-NVMe PRLI failure (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).\n- scsi: qla2xxx: Send Notify ACK after N2N PLOGI (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).\n- scsi: qla2xxx: unregister ports after GPN_FT failure (bsc#1138039).\n- scsi: qla2xxx: Update driver version to 10.01.00.21-k (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).\n- scsi: qla2xxx: Use explicit LOGO in target mode (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).\n- scsi: sd: Ignore a failure to sync cache due to lack of authorization (git-fixes).\n- scsi: storvsc: Add ability to change scsi queue depth (bsc#1155021).\n- scsi: zfcp: fix request object use-after-free in send path causing wrong traces (bsc#1051510).\n- sctp: change sctp_prot .no_autobind with true (networking-stable-19_10_24).\n- selftests: net: reuseport_dualstack: fix uninitalized parameter (networking-stable-19_11_05).\n- serial: fix kernel-doc warning in comments (bsc#1051510).\n- serial: mctrl_gpio: Check for NULL pointer (bsc#1051510).\n- serial: mxs-auart: Fix potential infinite loop (bsc#1051510).\n- serial: samsung: Enable baud clock for UART reset procedure in resume (bsc#1051510).\n- serial: uartlite: fix exit path null pointer (bsc#1051510).\n- serial: uartps: Fix suspend functionality (bsc#1051510).\n- signal: Properly set TRACE_SIGNAL_LOSE_INFO in __send_signal (bsc#1157463).\n- slcan: Fix memory leak in error path (bsc#1051510).\n- slip: Fix memory leak in slip_open error path (bsc#1051510).\n- slip: Fix use-after-free Read in slip_open (bsc#1051510).\n- smb3: fix leak in \u0027open on server\u0027 perf counter (bsc#1144333, bsc#1154355).\n- smb3: fix signing verification of large reads (bsc#1144333, bsc#1154355).\n- smb3: fix unmount hang in open_shroot (bsc#1144333, bsc#1154355).\n- smb3: improve handling of share deleted (and share recreated) (bsc#1144333, bsc#1154355).\n- smb3: Incorrect size for netname negotiate context (bsc#1144333, bsc#1154355).\n- soc: imx: gpc: fix PDN delay (bsc#1051510).\n- soc: qcom: wcnss_ctrl: Avoid string overflow (bsc#1051510).\n- spi: atmel: Fix CS high support (bsc#1051510).\n- spi: atmel: fix handling of cs_change set on non-last xfer (bsc#1051510).\n- spi: fsl-lpspi: Prevent FIFO under/overrun by default (bsc#1051510).\n- spi: mediatek: Do not modify spi_transfer when transfer (bsc#1051510).\n- spi: mediatek: use correct mata-\u003exfer_len when in fifo transfer (bsc#1051510).\n- spi: pic32: Use proper enum in dmaengine_prep_slave_rg (bsc#1051510).\n- spi: rockchip: initialize dma_slave_config properly (bsc#1051510).\n- spi: spidev: Fix OF tree warning logic (bsc#1051510).\n- staging: rtl8188eu: fix null dereference when kzalloc fails (bsc#1051510).\n- supported.conf:\n- synclink_gt(): fix compat_ioctl() (bsc#1051510).\n- tcp_nv: fix potential integer overflow in tcpnv_acked (bsc#1051510).\n- thunderbolt: Fix lockdep circular locking depedency warning (git-fixes).\n- tipc: Avoid copying bytes beyond the supplied data (bsc#1051510).\n- tipc: check bearer name with right length in tipc_nl_compat_bearer_enable (bsc#1051510).\n- tipc: check link name with right length in tipc_nl_compat_link_set (bsc#1051510).\n- tipc: check msg-\u003ereq data len in tipc_nl_compat_bearer_disable (bsc#1051510).\n- tipc: compat: allow tipc commands without arguments (bsc#1051510).\n- tipc: fix tipc_mon_delete() oops in tipc_enable_bearer() error path (bsc#1051510).\n- tipc: fix wrong timeout input for tipc_wait_for_cond() (bsc#1051510).\n- tipc: handle the err returned from cmd header function (bsc#1051510).\n- tipc: pass tunnel dev as NULL to udp_tunnel(6)_xmit_skb (bsc#1051510).\n- tipc: tipc clang warning (bsc#1051510).\n- tpm: add check after commands attribs tab allocation (bsc#1051510).\n- tracing: Get trace_array reference for available_tracers files (bsc#1156429).\n- tty: serial: fsl_lpuart: use the sg count from dma_map_sg (bsc#1051510).\n- tty: serial: imx: use the sg count from dma_map_sg (bsc#1051510).\n- tty: serial: msm_serial: Fix flow control (bsc#1051510).\n- tty: serial: pch_uart: correct usage of dma_unmap_sg (bsc#1051510).\n- UAS: Revert commit 3ae62a42090f (\u0027UAS: fix alignment of scatter/gather segments\u0027).\n- udp: use skb_queue_empty_lockless() (networking-stable-19_11_05).\n- USB: chaoskey: fix error case of a timeout (git-fixes).\n- USB: chipidea: Fix otg event handler (bsc#1051510).\n- USB: chipidea: imx: enable OTG overcurrent in case USB subsystem is already started (bsc#1051510).\n- USB: dwc3: gadget: Check ENBLSLPM before sending ep command (bsc#1051510).\n- USB: gadget: Reject endpoints with 0 maxpacket value (bsc#1051510).\n- USB: gadget: udc: fotg210-udc: Fix a sleep-in-atomic-context bug in fotg210_get_status() (bsc#1051510).\n- USB: gadget: uvc: configfs: Drop leaked references to config items (bsc#1051510).\n- USB: gadget: uvc: configfs: Prevent format changes after linking header (bsc#1051510).\n- USB: gadget: uvc: Factor out video USB request queueing (bsc#1051510).\n- USB: gadget: uvc: Only halt video streaming endpoint in bulk mode (bsc#1051510).\n- USB: handle warm-reset port requests on hub resume (bsc#1051510).\n- USBIP: add config dependency for SGL_ALLOC (git-fixes).\n- USBip: Fix free of unallocated memory in vhci tx (git-fixes).\n- USBip: Fix vhci_urb_enqueue() URB null transfer buffer error path (git-fixes).\n- USBip: Implement SG support to vhci-hcd and stub driver (git-fixes).\n- USBip: tools: fix fd leakage in the function of read_attr_usbip_status (git-fixes).\n- USB: misc: appledisplay: fix backlight update_status return code (bsc#1051510).\n- usb-serial: cp201x: support Mark-10 digital force gauge (bsc#1051510).\n- USB: serial: mos7720: fix remote wakeup (git-fixes).\n- USB: serial: mos7840: add USB ID to support Moxa UPort 2210 (bsc#1051510).\n- USB: serial: mos7840: fix remote wakeup (git-fixes).\n- USB: serial: option: add support for DW5821e with eSIM support (bsc#1051510).\n- USB: serial: option: add support for Foxconn T77W968 LTE modules (bsc#1051510).\n- USB: serial: whiteheat: fix line-speed endianness (bsc#1051510).\n- usb-storage: Revert commit 747668dbc061 (\u0027usb-storage: Set virt_boundary_mask to avoid SG overflows\u0027) (bsc#1051510).\n- USB: xhci-mtk: fix ISOC error when interval is zero (bsc#1051510).\n- vfio-ccw: Fix misleading comment when setting orb.cmd.c64 (bsc#1051510).\n- vfio: ccw: push down unsupported IDA check (bsc#1156471 LTC#182362).\n- vfio-ccw: Set pa_nr to 0 if memory allocation fails for pa_iova_pfn (bsc#1051510).\n- video/hdmi: Fix AVI bar unpack (git-fixes).\n- virtio_console: allocate inbufs in add_port() only if it is needed (git-fixes).\n- virtio_ring: fix return code on DMA mapping fails (git-fixes).\n- virtio/s390: fix race on airq_areas (bsc#1051510).\n- vmxnet3: turn off lro when rxcsum is disabled (bsc#1157499).\n- vsock/virtio: fix sock refcnt holding during the shutdown (git-fixes).\n- watchdog: meson: Fix the wrong value of left time (bsc#1051510).\n- x86/alternatives: Add int3_emulate_call() selftest (bsc#1153811).\n- x86/alternatives: Fix int3_emulate_call() selftest stack corruption (bsc#1153811).\n- x86/mm/pkeys: Fix typo in Documentation/x86/protection-keys.txt (bsc#1078248).\n- x86/pkeys: Update documentation about availability (bsc#1078248).\n- x86/resctrl: Fix potential lockdep warning (bsc#1114279).\n- x86/resctrl: Prevent NULL pointer dereference when reading mondata (bsc#1114279).\n- x86/speculation/taa: Fix printing of TAA_MSG_SMT on IBRS_ALL CPUs (bsc#1158068).\n- xfrm: fix sa selector validation (bsc#1156609).\n- xfrm: Fix xfrm sel prefix length validation (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-3289,SUSE-SLE-Module-Public-Cloud-15-2019-3289",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_3289-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:3289-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193289-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:3289-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2019-December/006252.html"
},
{
"category": "self",
"summary": "SUSE Bug 1048942",
"url": "https://bugzilla.suse.com/1048942"
},
{
"category": "self",
"summary": "SUSE Bug 1051510",
"url": "https://bugzilla.suse.com/1051510"
},
{
"category": "self",
"summary": "SUSE Bug 1071995",
"url": "https://bugzilla.suse.com/1071995"
},
{
"category": "self",
"summary": "SUSE Bug 1078248",
"url": "https://bugzilla.suse.com/1078248"
},
{
"category": "self",
"summary": "SUSE Bug 1082635",
"url": "https://bugzilla.suse.com/1082635"
},
{
"category": "self",
"summary": "SUSE Bug 1089644",
"url": "https://bugzilla.suse.com/1089644"
},
{
"category": "self",
"summary": "SUSE Bug 1091041",
"url": "https://bugzilla.suse.com/1091041"
},
{
"category": "self",
"summary": "SUSE Bug 1108043",
"url": "https://bugzilla.suse.com/1108043"
},
{
"category": "self",
"summary": "SUSE Bug 1113722",
"url": "https://bugzilla.suse.com/1113722"
},
{
"category": "self",
"summary": "SUSE Bug 1114279",
"url": "https://bugzilla.suse.com/1114279"
},
{
"category": "self",
"summary": "SUSE Bug 1117169",
"url": "https://bugzilla.suse.com/1117169"
},
{
"category": "self",
"summary": "SUSE Bug 1120853",
"url": "https://bugzilla.suse.com/1120853"
},
{
"category": "self",
"summary": "SUSE Bug 1131107",
"url": "https://bugzilla.suse.com/1131107"
},
{
"category": "self",
"summary": "SUSE Bug 1135966",
"url": "https://bugzilla.suse.com/1135966"
},
{
"category": "self",
"summary": "SUSE Bug 1135967",
"url": "https://bugzilla.suse.com/1135967"
},
{
"category": "self",
"summary": "SUSE Bug 1138039",
"url": "https://bugzilla.suse.com/1138039"
},
{
"category": "self",
"summary": "SUSE Bug 1140948",
"url": "https://bugzilla.suse.com/1140948"
},
{
"category": "self",
"summary": "SUSE Bug 1141054",
"url": "https://bugzilla.suse.com/1141054"
},
{
"category": "self",
"summary": "SUSE Bug 1142095",
"url": "https://bugzilla.suse.com/1142095"
},
{
"category": "self",
"summary": "SUSE Bug 1143706",
"url": "https://bugzilla.suse.com/1143706"
},
{
"category": "self",
"summary": "SUSE Bug 1144333",
"url": "https://bugzilla.suse.com/1144333"
},
{
"category": "self",
"summary": "SUSE Bug 1149448",
"url": "https://bugzilla.suse.com/1149448"
},
{
"category": "self",
"summary": "SUSE Bug 1150466",
"url": "https://bugzilla.suse.com/1150466"
},
{
"category": "self",
"summary": "SUSE Bug 1151548",
"url": "https://bugzilla.suse.com/1151548"
},
{
"category": "self",
"summary": "SUSE Bug 1151900",
"url": "https://bugzilla.suse.com/1151900"
},
{
"category": "self",
"summary": "SUSE Bug 1153628",
"url": "https://bugzilla.suse.com/1153628"
},
{
"category": "self",
"summary": "SUSE Bug 1153811",
"url": "https://bugzilla.suse.com/1153811"
},
{
"category": "self",
"summary": "SUSE Bug 1154043",
"url": "https://bugzilla.suse.com/1154043"
},
{
"category": "self",
"summary": "SUSE Bug 1154058",
"url": "https://bugzilla.suse.com/1154058"
},
{
"category": "self",
"summary": "SUSE Bug 1154124",
"url": "https://bugzilla.suse.com/1154124"
},
{
"category": "self",
"summary": "SUSE Bug 1154355",
"url": "https://bugzilla.suse.com/1154355"
},
{
"category": "self",
"summary": "SUSE Bug 1154526",
"url": "https://bugzilla.suse.com/1154526"
},
{
"category": "self",
"summary": "SUSE Bug 1155021",
"url": "https://bugzilla.suse.com/1155021"
},
{
"category": "self",
"summary": "SUSE Bug 1155689",
"url": "https://bugzilla.suse.com/1155689"
},
{
"category": "self",
"summary": "SUSE Bug 1155897",
"url": "https://bugzilla.suse.com/1155897"
},
{
"category": "self",
"summary": "SUSE Bug 1155921",
"url": "https://bugzilla.suse.com/1155921"
},
{
"category": "self",
"summary": "SUSE Bug 1156258",
"url": "https://bugzilla.suse.com/1156258"
},
{
"category": "self",
"summary": "SUSE Bug 1156429",
"url": "https://bugzilla.suse.com/1156429"
},
{
"category": "self",
"summary": "SUSE Bug 1156466",
"url": "https://bugzilla.suse.com/1156466"
},
{
"category": "self",
"summary": "SUSE Bug 1156471",
"url": "https://bugzilla.suse.com/1156471"
},
{
"category": "self",
"summary": "SUSE Bug 1156494",
"url": "https://bugzilla.suse.com/1156494"
},
{
"category": "self",
"summary": "SUSE Bug 1156609",
"url": "https://bugzilla.suse.com/1156609"
},
{
"category": "self",
"summary": "SUSE Bug 1156700",
"url": "https://bugzilla.suse.com/1156700"
},
{
"category": "self",
"summary": "SUSE Bug 1156729",
"url": "https://bugzilla.suse.com/1156729"
},
{
"category": "self",
"summary": "SUSE Bug 1156882",
"url": "https://bugzilla.suse.com/1156882"
},
{
"category": "self",
"summary": "SUSE Bug 1157038",
"url": "https://bugzilla.suse.com/1157038"
},
{
"category": "self",
"summary": "SUSE Bug 1157042",
"url": "https://bugzilla.suse.com/1157042"
},
{
"category": "self",
"summary": "SUSE Bug 1157070",
"url": "https://bugzilla.suse.com/1157070"
},
{
"category": "self",
"summary": "SUSE Bug 1157143",
"url": "https://bugzilla.suse.com/1157143"
},
{
"category": "self",
"summary": "SUSE Bug 1157145",
"url": "https://bugzilla.suse.com/1157145"
},
{
"category": "self",
"summary": "SUSE Bug 1157158",
"url": "https://bugzilla.suse.com/1157158"
},
{
"category": "self",
"summary": "SUSE Bug 1157162",
"url": "https://bugzilla.suse.com/1157162"
},
{
"category": "self",
"summary": "SUSE Bug 1157171",
"url": "https://bugzilla.suse.com/1157171"
},
{
"category": "self",
"summary": "SUSE Bug 1157173",
"url": "https://bugzilla.suse.com/1157173"
},
{
"category": "self",
"summary": "SUSE Bug 1157178",
"url": "https://bugzilla.suse.com/1157178"
},
{
"category": "self",
"summary": "SUSE Bug 1157180",
"url": "https://bugzilla.suse.com/1157180"
},
{
"category": "self",
"summary": "SUSE Bug 1157182",
"url": "https://bugzilla.suse.com/1157182"
},
{
"category": "self",
"summary": "SUSE Bug 1157183",
"url": "https://bugzilla.suse.com/1157183"
},
{
"category": "self",
"summary": "SUSE Bug 1157184",
"url": "https://bugzilla.suse.com/1157184"
},
{
"category": "self",
"summary": "SUSE Bug 1157191",
"url": "https://bugzilla.suse.com/1157191"
},
{
"category": "self",
"summary": "SUSE Bug 1157193",
"url": "https://bugzilla.suse.com/1157193"
},
{
"category": "self",
"summary": "SUSE Bug 1157197",
"url": "https://bugzilla.suse.com/1157197"
},
{
"category": "self",
"summary": "SUSE Bug 1157298",
"url": "https://bugzilla.suse.com/1157298"
},
{
"category": "self",
"summary": "SUSE Bug 1157307",
"url": "https://bugzilla.suse.com/1157307"
},
{
"category": "self",
"summary": "SUSE Bug 1157324",
"url": "https://bugzilla.suse.com/1157324"
},
{
"category": "self",
"summary": "SUSE Bug 1157333",
"url": "https://bugzilla.suse.com/1157333"
},
{
"category": "self",
"summary": "SUSE Bug 1157424",
"url": "https://bugzilla.suse.com/1157424"
},
{
"category": "self",
"summary": "SUSE Bug 1157463",
"url": "https://bugzilla.suse.com/1157463"
},
{
"category": "self",
"summary": "SUSE Bug 1157499",
"url": "https://bugzilla.suse.com/1157499"
},
{
"category": "self",
"summary": "SUSE Bug 1157678",
"url": "https://bugzilla.suse.com/1157678"
},
{
"category": "self",
"summary": "SUSE Bug 1157698",
"url": "https://bugzilla.suse.com/1157698"
},
{
"category": "self",
"summary": "SUSE Bug 1157778",
"url": "https://bugzilla.suse.com/1157778"
},
{
"category": "self",
"summary": "SUSE Bug 1157908",
"url": "https://bugzilla.suse.com/1157908"
},
{
"category": "self",
"summary": "SUSE Bug 1158049",
"url": "https://bugzilla.suse.com/1158049"
},
{
"category": "self",
"summary": "SUSE Bug 1158063",
"url": "https://bugzilla.suse.com/1158063"
},
{
"category": "self",
"summary": "SUSE Bug 1158064",
"url": "https://bugzilla.suse.com/1158064"
},
{
"category": "self",
"summary": "SUSE Bug 1158065",
"url": "https://bugzilla.suse.com/1158065"
},
{
"category": "self",
"summary": "SUSE Bug 1158066",
"url": "https://bugzilla.suse.com/1158066"
},
{
"category": "self",
"summary": "SUSE Bug 1158067",
"url": "https://bugzilla.suse.com/1158067"
},
{
"category": "self",
"summary": "SUSE Bug 1158068",
"url": "https://bugzilla.suse.com/1158068"
},
{
"category": "self",
"summary": "SUSE Bug 1158082",
"url": "https://bugzilla.suse.com/1158082"
},
{
"category": "self",
"summary": "SUSE Bug 1158381",
"url": "https://bugzilla.suse.com/1158381"
},
{
"category": "self",
"summary": "SUSE Bug 1158394",
"url": "https://bugzilla.suse.com/1158394"
},
{
"category": "self",
"summary": "SUSE Bug 1158398",
"url": "https://bugzilla.suse.com/1158398"
},
{
"category": "self",
"summary": "SUSE Bug 1158407",
"url": "https://bugzilla.suse.com/1158407"
},
{
"category": "self",
"summary": "SUSE Bug 1158410",
"url": "https://bugzilla.suse.com/1158410"
},
{
"category": "self",
"summary": "SUSE Bug 1158413",
"url": "https://bugzilla.suse.com/1158413"
},
{
"category": "self",
"summary": "SUSE Bug 1158417",
"url": "https://bugzilla.suse.com/1158417"
},
{
"category": "self",
"summary": "SUSE Bug 1158427",
"url": "https://bugzilla.suse.com/1158427"
},
{
"category": "self",
"summary": "SUSE Bug 1158445",
"url": "https://bugzilla.suse.com/1158445"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-0154 page",
"url": "https://www.suse.com/security/cve/CVE-2019-0154/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-0155 page",
"url": "https://www.suse.com/security/cve/CVE-2019-0155/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-14895 page",
"url": "https://www.suse.com/security/cve/CVE-2019-14895/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-14901 page",
"url": "https://www.suse.com/security/cve/CVE-2019-14901/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-15916 page",
"url": "https://www.suse.com/security/cve/CVE-2019-15916/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-16231 page",
"url": "https://www.suse.com/security/cve/CVE-2019-16231/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-18660 page",
"url": "https://www.suse.com/security/cve/CVE-2019-18660/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-18683 page",
"url": "https://www.suse.com/security/cve/CVE-2019-18683/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-18809 page",
"url": "https://www.suse.com/security/cve/CVE-2019-18809/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19049 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19049/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19052 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19052/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19056 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19056/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19057 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19057/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19058 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19058/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19060 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19060/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19062 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19062/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19063 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19065 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19065/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19067 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19067/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19068 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19068/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19073 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19073/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19074 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19074/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19075 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19075/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19077 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19077/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19227 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19227/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19524 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19524/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19525 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19525/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19528 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19528/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19529 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19529/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19530 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19530/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19531 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19531/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19534 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19534/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19536 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19536/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19543 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19543/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2019-12-12T14:52:54Z",
"generator": {
"date": "2019-12-12T14:52:54Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:3289-1",
"initial_release_date": "2019-12-12T14:52:54Z",
"revision_history": [
{
"date": "2019-12-12T14:52:54Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-azure-4.12.14-5.47.1.noarch",
"product": {
"name": "kernel-devel-azure-4.12.14-5.47.1.noarch",
"product_id": "kernel-devel-azure-4.12.14-5.47.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-azure-4.12.14-5.47.1.noarch",
"product": {
"name": "kernel-source-azure-4.12.14-5.47.1.noarch",
"product_id": "kernel-source-azure-4.12.14-5.47.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-azure-4.12.14-5.47.1.x86_64",
"product": {
"name": "cluster-md-kmp-azure-4.12.14-5.47.1.x86_64",
"product_id": "cluster-md-kmp-azure-4.12.14-5.47.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-azure-4.12.14-5.47.1.x86_64",
"product": {
"name": "dlm-kmp-azure-4.12.14-5.47.1.x86_64",
"product_id": "dlm-kmp-azure-4.12.14-5.47.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-azure-4.12.14-5.47.1.x86_64",
"product": {
"name": "gfs2-kmp-azure-4.12.14-5.47.1.x86_64",
"product_id": "gfs2-kmp-azure-4.12.14-5.47.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-4.12.14-5.47.1.x86_64",
"product": {
"name": "kernel-azure-4.12.14-5.47.1.x86_64",
"product_id": "kernel-azure-4.12.14-5.47.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-base-4.12.14-5.47.1.x86_64",
"product": {
"name": "kernel-azure-base-4.12.14-5.47.1.x86_64",
"product_id": "kernel-azure-base-4.12.14-5.47.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-devel-4.12.14-5.47.1.x86_64",
"product": {
"name": "kernel-azure-devel-4.12.14-5.47.1.x86_64",
"product_id": "kernel-azure-devel-4.12.14-5.47.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-extra-4.12.14-5.47.1.x86_64",
"product": {
"name": "kernel-azure-extra-4.12.14-5.47.1.x86_64",
"product_id": "kernel-azure-extra-4.12.14-5.47.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-livepatch-devel-4.12.14-5.47.1.x86_64",
"product": {
"name": "kernel-azure-livepatch-devel-4.12.14-5.47.1.x86_64",
"product_id": "kernel-azure-livepatch-devel-4.12.14-5.47.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-azure-4.12.14-5.47.1.x86_64",
"product": {
"name": "kernel-syms-azure-4.12.14-5.47.1.x86_64",
"product_id": "kernel-syms-azure-4.12.14-5.47.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-azure-4.12.14-5.47.1.x86_64",
"product": {
"name": "kselftests-kmp-azure-4.12.14-5.47.1.x86_64",
"product_id": "kselftests-kmp-azure-4.12.14-5.47.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-azure-4.12.14-5.47.1.x86_64",
"product": {
"name": "ocfs2-kmp-azure-4.12.14-5.47.1.x86_64",
"product_id": "ocfs2-kmp-azure-4.12.14-5.47.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-azure-4.12.14-5.47.1.x86_64",
"product": {
"name": "reiserfs-kmp-azure-4.12.14-5.47.1.x86_64",
"product_id": "reiserfs-kmp-azure-4.12.14-5.47.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Public Cloud 15",
"product": {
"name": "SUSE Linux Enterprise Module for Public Cloud 15",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-public-cloud:15"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-4.12.14-5.47.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64"
},
"product_reference": "kernel-azure-4.12.14-5.47.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-base-4.12.14-5.47.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64"
},
"product_reference": "kernel-azure-base-4.12.14-5.47.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-4.12.14-5.47.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64"
},
"product_reference": "kernel-azure-devel-4.12.14-5.47.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-4.12.14-5.47.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 15",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch"
},
"product_reference": "kernel-devel-azure-4.12.14-5.47.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-4.12.14-5.47.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 15",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch"
},
"product_reference": "kernel-source-azure-4.12.14-5.47.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-4.12.14-5.47.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
},
"product_reference": "kernel-syms-azure-4.12.14-5.47.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-0154",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-0154"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient access control in subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6 and E-2100 Processor Families may allow an authenticated user to potentially enable denial of service via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-0154",
"url": "https://www.suse.com/security/cve/CVE-2019-0154"
},
{
"category": "external",
"summary": "SUSE Bug 1135966 for CVE-2019-0154",
"url": "https://bugzilla.suse.com/1135966"
},
{
"category": "external",
"summary": "SUSE Bug 1181720 for CVE-2019-0154",
"url": "https://bugzilla.suse.com/1181720"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T14:52:54Z",
"details": "important"
}
],
"title": "CVE-2019-0154"
},
{
"cve": "CVE-2019-0155",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-0155"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6, E-2100 and E-2200 Processor Families; Intel(R) Graphics Driver for Windows before 26.20.100.6813 (DCH) or 26.20.100.6812 and before 21.20.x.5077 (aka15.45.5077), i915 Linux Driver for Intel(R) Processor Graphics before versions 5.4-rc7, 5.3.11, 4.19.84, 4.14.154, 4.9.201, 4.4.201 may allow an authenticated user to potentially enable escalation of privilege via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-0155",
"url": "https://www.suse.com/security/cve/CVE-2019-0155"
},
{
"category": "external",
"summary": "SUSE Bug 1135966 for CVE-2019-0155",
"url": "https://bugzilla.suse.com/1135966"
},
{
"category": "external",
"summary": "SUSE Bug 1135967 for CVE-2019-0155",
"url": "https://bugzilla.suse.com/1135967"
},
{
"category": "external",
"summary": "SUSE Bug 1173663 for CVE-2019-0155",
"url": "https://bugzilla.suse.com/1173663"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T14:52:54Z",
"details": "important"
}
],
"title": "CVE-2019-0155"
},
{
"cve": "CVE-2019-14895",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-14895"
}
],
"notes": [
{
"category": "general",
"text": "A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The flaw could occur when the station attempts a connection negotiation during the handling of the remote devices country settings. This could allow the remote device to cause a denial of service (system crash) or possibly execute arbitrary code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-14895",
"url": "https://www.suse.com/security/cve/CVE-2019-14895"
},
{
"category": "external",
"summary": "SUSE Bug 1157042 for CVE-2019-14895",
"url": "https://bugzilla.suse.com/1157042"
},
{
"category": "external",
"summary": "SUSE Bug 1157158 for CVE-2019-14895",
"url": "https://bugzilla.suse.com/1157158"
},
{
"category": "external",
"summary": "SUSE Bug 1173100 for CVE-2019-14895",
"url": "https://bugzilla.suse.com/1173100"
},
{
"category": "external",
"summary": "SUSE Bug 1173660 for CVE-2019-14895",
"url": "https://bugzilla.suse.com/1173660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T14:52:54Z",
"details": "important"
}
],
"title": "CVE-2019-14895"
},
{
"cve": "CVE-2019-14901",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-14901"
}
],
"notes": [
{
"category": "general",
"text": "A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The vulnerability allows a remote attacker to cause a system crash, resulting in a denial of service, or execute arbitrary code. The highest threat with this vulnerability is with the availability of the system. If code execution occurs, the code will run with the permissions of root. This will affect both confidentiality and integrity of files on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-14901",
"url": "https://www.suse.com/security/cve/CVE-2019-14901"
},
{
"category": "external",
"summary": "SUSE Bug 1157042 for CVE-2019-14901",
"url": "https://bugzilla.suse.com/1157042"
},
{
"category": "external",
"summary": "SUSE Bug 1173661 for CVE-2019-14901",
"url": "https://bugzilla.suse.com/1173661"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T14:52:54Z",
"details": "important"
}
],
"title": "CVE-2019-14901"
},
{
"cve": "CVE-2019-15916",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-15916"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 5.0.1. There is a memory leak in register_queue_kobjects() in net/core/net-sysfs.c, which will cause denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-15916",
"url": "https://www.suse.com/security/cve/CVE-2019-15916"
},
{
"category": "external",
"summary": "SUSE Bug 1149448 for CVE-2019-15916",
"url": "https://bugzilla.suse.com/1149448"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T14:52:54Z",
"details": "low"
}
],
"title": "CVE-2019-15916"
},
{
"cve": "CVE-2019-16231",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-16231"
}
],
"notes": [
{
"category": "general",
"text": "drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-16231",
"url": "https://www.suse.com/security/cve/CVE-2019-16231"
},
{
"category": "external",
"summary": "SUSE Bug 1150466 for CVE-2019-16231",
"url": "https://bugzilla.suse.com/1150466"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T14:52:54Z",
"details": "moderate"
}
],
"title": "CVE-2019-16231"
},
{
"cve": "CVE-2019-18660",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-18660"
}
],
"notes": [
{
"category": "general",
"text": "The Linux kernel before 5.4.1 on powerpc allows Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs, aka CID-39e72bf96f58. This is related to arch/powerpc/kernel/entry_64.S and arch/powerpc/kernel/security.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-18660",
"url": "https://www.suse.com/security/cve/CVE-2019-18660"
},
{
"category": "external",
"summary": "SUSE Bug 1157038 for CVE-2019-18660",
"url": "https://bugzilla.suse.com/1157038"
},
{
"category": "external",
"summary": "SUSE Bug 1157923 for CVE-2019-18660",
"url": "https://bugzilla.suse.com/1157923"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T14:52:54Z",
"details": "moderate"
}
],
"title": "CVE-2019-18660"
},
{
"cve": "CVE-2019-18683",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-18683"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. It is exploitable for privilege escalation on some Linux distributions where local users have /dev/video0 access, but only if the driver happens to be loaded. There are multiple race conditions during streaming stopping in this driver (part of the V4L2 subsystem). These issues are caused by wrong mutex locking in vivid_stop_generating_vid_cap(), vivid_stop_generating_vid_out(), sdr_cap_stop_streaming(), and the corresponding kthreads. At least one of these race conditions leads to a use-after-free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-18683",
"url": "https://www.suse.com/security/cve/CVE-2019-18683"
},
{
"category": "external",
"summary": "SUSE Bug 1155897 for CVE-2019-18683",
"url": "https://bugzilla.suse.com/1155897"
},
{
"category": "external",
"summary": "SUSE Bug 1173868 for CVE-2019-18683",
"url": "https://bugzilla.suse.com/1173868"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T14:52:54Z",
"details": "important"
}
],
"title": "CVE-2019-18683"
},
{
"cve": "CVE-2019-18809",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-18809"
}
],
"notes": [
{
"category": "general",
"text": "A memory leak in the af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-2289adbfa559.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-18809",
"url": "https://www.suse.com/security/cve/CVE-2019-18809"
},
{
"category": "external",
"summary": "SUSE Bug 1156258 for CVE-2019-18809",
"url": "https://bugzilla.suse.com/1156258"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T14:52:54Z",
"details": "moderate"
}
],
"title": "CVE-2019-18809"
},
{
"cve": "CVE-2019-19049",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19049"
}
],
"notes": [
{
"category": "general",
"text": "A memory leak in the unittest_data_add() function in drivers/of/unittest.c in the Linux kernel before 5.3.10 allows attackers to cause a denial of service (memory consumption) by triggering of_fdt_unflatten_tree() failures, aka CID-e13de8fe0d6a. NOTE: third parties dispute the relevance of this because unittest.c can only be reached during boot",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19049",
"url": "https://www.suse.com/security/cve/CVE-2019-19049"
},
{
"category": "external",
"summary": "SUSE Bug 1157173 for CVE-2019-19049",
"url": "https://bugzilla.suse.com/1157173"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 1.6,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T14:52:54Z",
"details": "moderate"
}
],
"title": "CVE-2019-19049"
},
{
"cve": "CVE-2019-19052",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19052"
}
],
"notes": [
{
"category": "general",
"text": "A memory leak in the gs_can_open() function in drivers/net/can/usb/gs_usb.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-fb5be6a7b486.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19052",
"url": "https://www.suse.com/security/cve/CVE-2019-19052"
},
{
"category": "external",
"summary": "SUSE Bug 1157324 for CVE-2019-19052",
"url": "https://bugzilla.suse.com/1157324"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T14:52:54Z",
"details": "moderate"
}
],
"title": "CVE-2019-19052"
},
{
"cve": "CVE-2019-19056",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19056"
}
],
"notes": [
{
"category": "general",
"text": "A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-db8fd2cde932.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19056",
"url": "https://www.suse.com/security/cve/CVE-2019-19056"
},
{
"category": "external",
"summary": "SUSE Bug 1157197 for CVE-2019-19056",
"url": "https://bugzilla.suse.com/1157197"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T14:52:54Z",
"details": "moderate"
}
],
"title": "CVE-2019-19056"
},
{
"cve": "CVE-2019-19057",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19057"
}
],
"notes": [
{
"category": "general",
"text": "Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-d10dcb615c8e.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19057",
"url": "https://www.suse.com/security/cve/CVE-2019-19057"
},
{
"category": "external",
"summary": "SUSE Bug 1157193 for CVE-2019-19057",
"url": "https://bugzilla.suse.com/1157193"
},
{
"category": "external",
"summary": "SUSE Bug 1157197 for CVE-2019-19057",
"url": "https://bugzilla.suse.com/1157197"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T14:52:54Z",
"details": "moderate"
}
],
"title": "CVE-2019-19057"
},
{
"cve": "CVE-2019-19058",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19058"
}
],
"notes": [
{
"category": "general",
"text": "A memory leak in the alloc_sgtable() function in drivers/net/wireless/intel/iwlwifi/fw/dbg.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering alloc_page() failures, aka CID-b4b814fec1a5.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19058",
"url": "https://www.suse.com/security/cve/CVE-2019-19058"
},
{
"category": "external",
"summary": "SUSE Bug 1157145 for CVE-2019-19058",
"url": "https://bugzilla.suse.com/1157145"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T14:52:54Z",
"details": "moderate"
}
],
"title": "CVE-2019-19058"
},
{
"cve": "CVE-2019-19060",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19060"
}
],
"notes": [
{
"category": "general",
"text": "A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-ab612b1daf41.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19060",
"url": "https://www.suse.com/security/cve/CVE-2019-19060"
},
{
"category": "external",
"summary": "SUSE Bug 1157178 for CVE-2019-19060",
"url": "https://bugzilla.suse.com/1157178"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T14:52:54Z",
"details": "moderate"
}
],
"title": "CVE-2019-19060"
},
{
"cve": "CVE-2019-19062",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19062"
}
],
"notes": [
{
"category": "general",
"text": "A memory leak in the crypto_report() function in crypto/crypto_user_base.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_report_alg() failures, aka CID-ffdde5932042.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19062",
"url": "https://www.suse.com/security/cve/CVE-2019-19062"
},
{
"category": "external",
"summary": "SUSE Bug 1157333 for CVE-2019-19062",
"url": "https://bugzilla.suse.com/1157333"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T14:52:54Z",
"details": "moderate"
}
],
"title": "CVE-2019-19062"
},
{
"cve": "CVE-2019-19063",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19063"
}
],
"notes": [
{
"category": "general",
"text": "Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption), aka CID-3f9361695113.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19063",
"url": "https://www.suse.com/security/cve/CVE-2019-19063"
},
{
"category": "external",
"summary": "SUSE Bug 1157298 for CVE-2019-19063",
"url": "https://bugzilla.suse.com/1157298"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T14:52:54Z",
"details": "moderate"
}
],
"title": "CVE-2019-19063"
},
{
"cve": "CVE-2019-19065",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19065"
}
],
"notes": [
{
"category": "general",
"text": "A memory leak in the sdma_init() function in drivers/infiniband/hw/hfi1/sdma.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering rhashtable_init() failures, aka CID-34b3be18a04e. NOTE: This has been disputed as not a vulnerability because \"rhashtable_init() can only fail if it is passed invalid values in the second parameter\u0027s struct, but when invoked from sdma_init() that is a pointer to a static const struct, so an attacker could only trigger failure if they could corrupt kernel memory (in which case a small memory leak is not a significant problem).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19065",
"url": "https://www.suse.com/security/cve/CVE-2019-19065"
},
{
"category": "external",
"summary": "SUSE Bug 1157191 for CVE-2019-19065",
"url": "https://bugzilla.suse.com/1157191"
},
{
"category": "external",
"summary": "SUSE Bug 1173961 for CVE-2019-19065",
"url": "https://bugzilla.suse.com/1173961"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T14:52:54Z",
"details": "important"
}
],
"title": "CVE-2019-19065"
},
{
"cve": "CVE-2019-19067",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19067"
}
],
"notes": [
{
"category": "general",
"text": "Four memory leaks in the acp_hw_init() function in drivers/gpu/drm/amd/amdgpu/amdgpu_acp.c in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption) by triggering mfd_add_hotplug_devices() or pm_genpd_add_device() failures, aka CID-57be09c6e874. NOTE: third parties dispute the relevance of this because the attacker must already have privileges for module loading",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19067",
"url": "https://www.suse.com/security/cve/CVE-2019-19067"
},
{
"category": "external",
"summary": "SUSE Bug 1157180 for CVE-2019-19067",
"url": "https://bugzilla.suse.com/1157180"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T14:52:54Z",
"details": "moderate"
}
],
"title": "CVE-2019-19067"
},
{
"cve": "CVE-2019-19068",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19068"
}
],
"notes": [
{
"category": "general",
"text": "A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-a2cdd07488e6.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19068",
"url": "https://www.suse.com/security/cve/CVE-2019-19068"
},
{
"category": "external",
"summary": "SUSE Bug 1157307 for CVE-2019-19068",
"url": "https://bugzilla.suse.com/1157307"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T14:52:54Z",
"details": "moderate"
}
],
"title": "CVE-2019-19068"
},
{
"cve": "CVE-2019-19073",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19073"
}
],
"notes": [
{
"category": "general",
"text": "Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering wait_for_completion_timeout() failures. This affects the htc_config_pipe_credits() function, the htc_setup_complete() function, and the htc_connect_service() function, aka CID-853acf7caf10.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19073",
"url": "https://www.suse.com/security/cve/CVE-2019-19073"
},
{
"category": "external",
"summary": "SUSE Bug 1157070 for CVE-2019-19073",
"url": "https://bugzilla.suse.com/1157070"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T14:52:54Z",
"details": "moderate"
}
],
"title": "CVE-2019-19073"
},
{
"cve": "CVE-2019-19074",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19074"
}
],
"notes": [
{
"category": "general",
"text": "A memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ath/ath9k/wmi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-728c1e2a05e4.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19074",
"url": "https://www.suse.com/security/cve/CVE-2019-19074"
},
{
"category": "external",
"summary": "SUSE Bug 1157143 for CVE-2019-19074",
"url": "https://bugzilla.suse.com/1157143"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T14:52:54Z",
"details": "moderate"
}
],
"title": "CVE-2019-19074"
},
{
"cve": "CVE-2019-19075",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19075"
}
],
"notes": [
{
"category": "general",
"text": "A memory leak in the ca8210_probe() function in drivers/net/ieee802154/ca8210.c in the Linux kernel before 5.3.8 allows attackers to cause a denial of service (memory consumption) by triggering ca8210_get_platform_data() failures, aka CID-6402939ec86e.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19075",
"url": "https://www.suse.com/security/cve/CVE-2019-19075"
},
{
"category": "external",
"summary": "SUSE Bug 1157162 for CVE-2019-19075",
"url": "https://bugzilla.suse.com/1157162"
},
{
"category": "external",
"summary": "SUSE Bug 1173958 for CVE-2019-19075",
"url": "https://bugzilla.suse.com/1173958"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T14:52:54Z",
"details": "low"
}
],
"title": "CVE-2019-19075"
},
{
"cve": "CVE-2019-19077",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19077"
}
],
"notes": [
{
"category": "general",
"text": "A memory leak in the bnxt_re_create_srq() function in drivers/infiniband/hw/bnxt_re/ib_verbs.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering copy to udata failures, aka CID-4a9d46a9fe14.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19077",
"url": "https://www.suse.com/security/cve/CVE-2019-19077"
},
{
"category": "external",
"summary": "SUSE Bug 1157171 for CVE-2019-19077",
"url": "https://bugzilla.suse.com/1157171"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T14:52:54Z",
"details": "moderate"
}
],
"title": "CVE-2019-19077"
},
{
"cve": "CVE-2019-19227",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19227"
}
],
"notes": [
{
"category": "general",
"text": "In the AppleTalk subsystem in the Linux kernel before 5.1, there is a potential NULL pointer dereference because register_snap_client may return NULL. This will lead to denial of service in net/appletalk/aarp.c and net/appletalk/ddp.c, as demonstrated by unregister_snap_client, aka CID-9804501fa122.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19227",
"url": "https://www.suse.com/security/cve/CVE-2019-19227"
},
{
"category": "external",
"summary": "SUSE Bug 1157678 for CVE-2019-19227",
"url": "https://bugzilla.suse.com/1157678"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T14:52:54Z",
"details": "moderate"
}
],
"title": "CVE-2019-19227"
},
{
"cve": "CVE-2019-19524",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19524"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 5.3.12, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/input/ff-memless.c driver, aka CID-fa3a5a1880c9.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19524",
"url": "https://www.suse.com/security/cve/CVE-2019-19524"
},
{
"category": "external",
"summary": "SUSE Bug 1158381 for CVE-2019-19524",
"url": "https://bugzilla.suse.com/1158381"
},
{
"category": "external",
"summary": "SUSE Bug 1158413 for CVE-2019-19524",
"url": "https://bugzilla.suse.com/1158413"
},
{
"category": "external",
"summary": "SUSE Bug 1158834 for CVE-2019-19524",
"url": "https://bugzilla.suse.com/1158834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.4,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T14:52:54Z",
"details": "low"
}
],
"title": "CVE-2019-19524"
},
{
"cve": "CVE-2019-19525",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19525"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 5.3.6, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/ieee802154/atusb.c driver, aka CID-7fd25e6fc035.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19525",
"url": "https://www.suse.com/security/cve/CVE-2019-19525"
},
{
"category": "external",
"summary": "SUSE Bug 1158381 for CVE-2019-19525",
"url": "https://bugzilla.suse.com/1158381"
},
{
"category": "external",
"summary": "SUSE Bug 1158417 for CVE-2019-19525",
"url": "https://bugzilla.suse.com/1158417"
},
{
"category": "external",
"summary": "SUSE Bug 1158834 for CVE-2019-19525",
"url": "https://bugzilla.suse.com/1158834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T14:52:54Z",
"details": "moderate"
}
],
"title": "CVE-2019-19525"
},
{
"cve": "CVE-2019-19528",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19528"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/iowarrior.c driver, aka CID-edc4746f253d.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19528",
"url": "https://www.suse.com/security/cve/CVE-2019-19528"
},
{
"category": "external",
"summary": "SUSE Bug 1158381 for CVE-2019-19528",
"url": "https://bugzilla.suse.com/1158381"
},
{
"category": "external",
"summary": "SUSE Bug 1158407 for CVE-2019-19528",
"url": "https://bugzilla.suse.com/1158407"
},
{
"category": "external",
"summary": "SUSE Bug 1158834 for CVE-2019-19528",
"url": "https://bugzilla.suse.com/1158834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T14:52:54Z",
"details": "moderate"
}
],
"title": "CVE-2019-19528"
},
{
"cve": "CVE-2019-19529",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19529"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 5.3.11, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcba_usb.c driver, aka CID-4d6636498c41.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19529",
"url": "https://www.suse.com/security/cve/CVE-2019-19529"
},
{
"category": "external",
"summary": "SUSE Bug 1158381 for CVE-2019-19529",
"url": "https://bugzilla.suse.com/1158381"
},
{
"category": "external",
"summary": "SUSE Bug 1158834 for CVE-2019-19529",
"url": "https://bugzilla.suse.com/1158834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T14:52:54Z",
"details": "moderate"
}
],
"title": "CVE-2019-19529"
},
{
"cve": "CVE-2019-19530",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19530"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/class/cdc-acm.c driver, aka CID-c52873e5a1ef.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19530",
"url": "https://www.suse.com/security/cve/CVE-2019-19530"
},
{
"category": "external",
"summary": "SUSE Bug 1158381 for CVE-2019-19530",
"url": "https://bugzilla.suse.com/1158381"
},
{
"category": "external",
"summary": "SUSE Bug 1158410 for CVE-2019-19530",
"url": "https://bugzilla.suse.com/1158410"
},
{
"category": "external",
"summary": "SUSE Bug 1158834 for CVE-2019-19530",
"url": "https://bugzilla.suse.com/1158834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T14:52:54Z",
"details": "moderate"
}
],
"title": "CVE-2019-19530"
},
{
"cve": "CVE-2019-19531",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19531"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 5.2.9, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/yurex.c driver, aka CID-fc05481b2fca.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19531",
"url": "https://www.suse.com/security/cve/CVE-2019-19531"
},
{
"category": "external",
"summary": "SUSE Bug 1158381 for CVE-2019-19531",
"url": "https://bugzilla.suse.com/1158381"
},
{
"category": "external",
"summary": "SUSE Bug 1158427 for CVE-2019-19531",
"url": "https://bugzilla.suse.com/1158427"
},
{
"category": "external",
"summary": "SUSE Bug 1158445 for CVE-2019-19531",
"url": "https://bugzilla.suse.com/1158445"
},
{
"category": "external",
"summary": "SUSE Bug 1158834 for CVE-2019-19531",
"url": "https://bugzilla.suse.com/1158834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T14:52:54Z",
"details": "low"
}
],
"title": "CVE-2019-19531"
},
{
"cve": "CVE-2019-19534",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19534"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 5.3.11, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_core.c driver, aka CID-f7a1337f0d29.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19534",
"url": "https://www.suse.com/security/cve/CVE-2019-19534"
},
{
"category": "external",
"summary": "SUSE Bug 1158381 for CVE-2019-19534",
"url": "https://bugzilla.suse.com/1158381"
},
{
"category": "external",
"summary": "SUSE Bug 1158398 for CVE-2019-19534",
"url": "https://bugzilla.suse.com/1158398"
},
{
"category": "external",
"summary": "SUSE Bug 1158834 for CVE-2019-19534",
"url": "https://bugzilla.suse.com/1158834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.4,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T14:52:54Z",
"details": "low"
}
],
"title": "CVE-2019-19534"
},
{
"cve": "CVE-2019-19536",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19536"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 5.2.9, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_pro.c driver, aka CID-ead16e53c2f0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19536",
"url": "https://www.suse.com/security/cve/CVE-2019-19536"
},
{
"category": "external",
"summary": "SUSE Bug 1158381 for CVE-2019-19536",
"url": "https://bugzilla.suse.com/1158381"
},
{
"category": "external",
"summary": "SUSE Bug 1158394 for CVE-2019-19536",
"url": "https://bugzilla.suse.com/1158394"
},
{
"category": "external",
"summary": "SUSE Bug 1158834 for CVE-2019-19536",
"url": "https://bugzilla.suse.com/1158834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.4,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T14:52:54Z",
"details": "low"
}
],
"title": "CVE-2019-19536"
},
{
"cve": "CVE-2019-19543",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19543"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 5.1.6, there is a use-after-free in serial_ir_init_module() in drivers/media/rc/serial_ir.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19543",
"url": "https://www.suse.com/security/cve/CVE-2019-19543"
},
{
"category": "external",
"summary": "SUSE Bug 1158427 for CVE-2019-19543",
"url": "https://bugzilla.suse.com/1158427"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.47.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.47.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-12T14:52:54Z",
"details": "low"
}
],
"title": "CVE-2019-19543"
}
]
}
SUSE-SU-2019:3316-1
Vulnerability from csaf_suse - Published: 2019-12-17 12:07 - Updated: 2019-12-17 12:07Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch: The SUSE Linux Enterprise 12 SP4 kernel-azure was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2019-19051: There was a memory leak in the i2400m_op_rfkill_sw_toggle() function in drivers/net/wimax/i2400m/op-rfkill.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) (bnc#1159024).
- CVE-2019-19338: There was an incomplete fix for Transaction Asynchronous Abort (TAA) (bnc#1158954).
- CVE-2019-19332: There was an OOB memory write via kvm_dev_ioctl_get_cpuid (bnc#1158827).
- CVE-2019-19537: There was a race condition bug that can be caused by a malicious USB device in the USB character device driver layer (bnc#1158904).
- CVE-2019-19535: There was an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_fd.c driver (bnc#1158903).
- CVE-2019-19527: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/hid/usbhid/hiddev.c driver (bnc#1158900).
- CVE-2019-19526: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/nfc/pn533/usb.c driver (bnc#1158893).
- CVE-2019-19533: There was an info-leak bug that can be caused by a malicious USB device in the drivers/media/usb/ttusb-dec/ttusb_dec.c driver (bnc#1158834).
- CVE-2019-19532: There were multiple out-of-bounds write bugs that can be caused by a malicious USB device in the Linux kernel HID drivers (bnc#1158824).
- CVE-2019-19523: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/adutux.c driver, aka CID-44efc269db79 (bnc#1158381 1158823 1158834).
- CVE-2019-15213: There was a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver (bnc#1146544).
- CVE-2019-19531: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/yurex.c driver (bnc#1158445).
- CVE-2019-19543: There was a use-after-free in serial_ir_init_module() in drivers/media/rc/serial_ir.c (bnc#1158427).
- CVE-2019-19525: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/net/ieee802154/atusb.c driver (bnc#1158417).
- CVE-2019-19530: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/class/cdc-acm.c driver (bnc#1158410).
- CVE-2019-19536: There was an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_pro.c driver (bnc#1158394).
- CVE-2019-19524: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/input/ff-memless.c driver (bnc#1158413).
- CVE-2019-19528: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/iowarrior.c driver (bnc#1158407).
- CVE-2019-19534: There was an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_core.c driver (bnc#1158398).
- CVE-2019-19529: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcba_usb.c driver (bnc#1158381).
- CVE-2019-14901: A heap overflow flaw was found in the Linux kernel in Marvell WiFi chip driver. The vulnerability allowed a remote attacker to cause a system crash, resulting in a denial of service, or execute arbitrary code. The highest threat with this vulnerability is with the availability of the system. If code execution occurs, the code will run with the permissions of root. This will affect both confidentiality and integrity of files on the system (bnc#1157042).
- CVE-2019-14895: A heap-based buffer overflow was discovered in the Linux kernel in Marvell WiFi chip driver. The flaw could occur when the station attempts a connection negotiation during the handling of the remote devices country settings. This could have allowed the remote device to cause a denial of service (system crash) or possibly execute arbitrary code (bnc#1157158).
- CVE-2019-18660: The Linux kernel on powerpc allowed Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs. This is related to arch/powerpc/kernel/entry_64.S and arch/powerpc/kernel/security.c (bnc#1157038).
- CVE-2019-18683: An issue was discovered in drivers/media/platform/vivid in the Linux kernel. It is exploitable for privilege escalation on some Linux distributions where local users have /dev/video0 access, but only if the driver happens to be loaded. There are multiple race conditions during streaming stopping in this driver (part of the V4L2 subsystem). These issues are caused by wrong mutex locking in vivid_stop_generating_vid_cap(), vivid_stop_generating_vid_out(), sdr_cap_stop_streaming(), and the corresponding kthreads. At least one of these race conditions leads to a use-after-free (bnc#1155897).
- CVE-2019-18809: A memory leak in the af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) (bnc#1156258).
- CVE-2019-19062: A memory leak in the crypto_report() function in crypto/crypto_user_base.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering crypto_report_alg() failures (bnc#1157333).
- CVE-2019-19057: Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures (bnc#1157197).
- CVE-2019-19056: A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures (bnc#1157197).
- CVE-2019-19068: A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures (bnc#1157307).
- CVE-2019-19063: Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) (bnc#1157298).
- CVE-2019-19227: In the AppleTalk subsystem in the Linux kernel there was a potential NULL pointer dereference because register_snap_client may return NULL. This will lead to denial of service in net/appletalk/aarp.c and net/appletalk/ddp.c, as demonstrated by unregister_snap_client (bnc#1157678).
- CVE-2019-19065: A memory leak in the sdma_init() function in drivers/infiniband/hw/hfi1/sdma.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering rhashtable_init() failures (bnc#1157191).
- CVE-2019-19077: A memory leak in the bnxt_re_create_srq() function in drivers/infiniband/hw/bnxt_re/ib_verbs.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering copy to udata failures (bnc#1157171).
- CVE-2019-19052: A memory leak in the gs_can_open() function in drivers/net/can/usb/gs_usb.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures (bnc#1157324).
- CVE-2019-19067: Four memory leaks in the acp_hw_init() function in drivers/gpu/drm/amd/amdgpu/amdgpu_acp.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering mfd_add_hotplug_devices() or pm_genpd_add_device() failures (bsc#1157180).
- CVE-2019-19060: A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) (bnc#1157178).
- CVE-2019-19049: A memory leak in the unittest_data_add() function in drivers/of/unittest.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering of_fdt_unflatten_tree() failures (bsc#1157173).
- CVE-2019-19075: A memory leak in the ca8210_probe() function in drivers/net/ieee802154/ca8210.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering ca8210_get_platform_data() failures (bnc#1157162).
- CVE-2019-19058: A memory leak in the alloc_sgtable() function in drivers/net/wireless/intel/iwlwifi/fw/dbg.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering alloc_page() failures (bnc#1157145).
- CVE-2019-19074: A memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ath/ath9k/wmi.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) (bnc#1157143).
- CVE-2019-19073: Fixed memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c allowed attackers to cause a denial of service (memory consumption) by triggering wait_for_completion_timeout() failures (bnc#1157070).
- CVE-2019-15916: An issue was discovered in the Linux kernel There was a memory leak in register_queue_kobjects() in net/core/net-sysfs.c, which will cause denial of service (bnc#1149448).
- CVE-2019-0154: Insufficient access control in subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6 and E-2100 Processor Families may have allowed an authenticated user to potentially enable denial of service via local access (bnc#1135966).
- CVE-2019-16231: drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 did not check the alloc_workqueue return value, leading to a NULL pointer dereference (bnc#1150466).
The following non-security bugs were fixed:
- ACPI / APEI: Do not wait to serialise with oops messages when panic()ing (bsc#1051510).
- ACPI / LPSS: Exclude I2C busses shared with PUNIT from pmc_atom_d3_mask (bsc#1051510).
- ACPI / LPSS: Ignore acpi_device_fix_up_power() return value (bsc#1051510).
- ACPI / SBS: Fix rare oops when removing modules (bsc#1051510).
- ACPI: OSL: only free map once in osl.c (bsc#1051510).
- ACPI: sysfs: Change ACPI_MASKABLE_GPE_MAX to 0x100 (bsc#1051510).
- ACPICA: Never run _REG on system_memory and system_IO (bsc#1051510).
- ACPICA: Use %d for signed int print formatting instead of %u (bsc#1051510).
- ALSA: 6fire: Drop the dead code (git-fixes).
- ALSA: bebob: fix to detect configured source of sampling clock for Focusrite Saffire Pro i/o series (git-fixes).
- ALSA: cs4236: fix error return comparison of an unsigned integer (git-fixes).
- ALSA: firewire-motu: Correct a typo in the clock proc string (git-fixes).
- ALSA: hda - Add mute led support for HP ProBook 645 G4 (git-fixes).
- ALSA: hda - Fix pending unsol events at shutdown (git-fixes).
- ALSA: hda/hdmi - Add new pci ids for AMD GPU display audio (git-fixes).
- ALSA: hda/hdmi - fix vgaswitcheroo detection for AMD (git-fixes).
- ALSA: hda/intel: add CometLake PCI IDs (bsc#1156729).
- ALSA: hda/realtek - Dell headphone has noise on unmute for ALC236 (git-fixes).
- ALSA: hda/realtek - Move some alc236 pintbls to fallback table (git-fixes).
- ALSA: hda/realtek - Move some alc256 pintbls to fallback table (git-fixes).
- ALSA: hda: Add Cometlake-S PCI ID (git-fixes).
- ALSA: i2c/cs8427: Fix int to char conversion (bsc#1051510).
- ALSA: intel8x0m: Register irq handler after register initializations (bsc#1051510).
- ALSA: pcm: Fix stream lock usage in snd_pcm_period_elapsed() (git-fixes).
- ALSA: pcm: oss: Avoid potential buffer overflows (git-fixes).
- ALSA: pcm: signedness bug in snd_pcm_plug_alloc() (bsc#1051510).
- ALSA: seq: Do error checks at creating system ports (bsc#1051510).
- ALSA: timer: Fix incorrectly assigned timer instance (git-fixes).
- ALSA: usb-audio: Fix Focusrite Scarlett 6i6 gen1 - input handling (git-fixes).
- ALSA: usb-audio: Fix missing error check at mixer resolution test (git-fixes).
- ALSA: usb-audio: not submit urb for stopped endpoint (git-fixes).
- ASoC: Intel: hdac_hdmi: Limit sampling rates at dai creation (bsc#1051510).
- ASoC: compress: fix unsigned integer overflow check (bsc#1051510).
- ASoC: davinci-mcasp: Handle return value of devm_kasprintf (stable 4.14.y).
- ASoC: davinci: Kill BUG_ON() usage (stable 4.14.y).
- ASoC: dpcm: Properly initialise hw->rate_max (bsc#1051510).
- ASoC: kirkwood: fix external clock probe defer (git-fixes).
- ASoC: msm8916-wcd-analog: Fix RX1 selection in RDAC2 MUX (git-fixes).
- ASoC: sgtl5000: avoid division by zero if lo_vag is zero (bsc#1051510).
- ASoC: tegra_sgtl5000: fix device_node refcounting (bsc#1051510).
- ASoC: tlv320aic31xx: Handle inverted BCLK in non-DSP modes (stable 4.14.y).
- ASoC: tlv320dac31xx: mark expected switch fall-through (stable 4.14.y).
- Bluetooth: Fix invalid-free in bcsp_close() (git-fixes).
- Bluetooth: Fix memory leak in hci_connect_le_scan (bsc#1051510).
- Bluetooth: L2CAP: Detect if remote is not able to use the whole MPS (bsc#1051510).
- Bluetooth: btusb: fix PM leak in error case of setup (bsc#1051510).
- Bluetooth: delete a stray unlock (bsc#1051510).
- Bluetooth: hci_bcm: Handle specific unknown packets after firmware loading (bsc#1051510).
- Bluetooth: hci_core: fix init for HCI_USER_CHANNEL (bsc#1051510).
- Btrfs: fix log context list corruption after rename exchange operation (bsc#1156494).
- CIFS: Fix SMB2 oplock break processing (bsc#1144333, bsc#1154355).
- CIFS: Fix oplock handling for SMB 2.1+ protocols (bsc#1144333, bsc#1154355).
- CIFS: Fix retry mid list corruption on reconnects (bsc#1144333, bsc#1154355).
- CIFS: Fix use after free of file info structures (bsc#1144333, bsc#1154355).
- CIFS: Force reval dentry if LOOKUP_REVAL flag is set (bsc#1144333, bsc#1154355).
- CIFS: Force revalidate inode when dentry is stale (bsc#1144333, bsc#1154355).
- CIFS: Gracefully handle QueryInfo errors during open (bsc#1144333, bsc#1154355).
- CIFS: avoid using MID 0xFFFF (bsc#1144333, bsc#1154355).
- CIFS: fix max ea value size (bsc#1144333, bsc#1154355).
- Documentation: debugfs: Document debugfs helper for unsigned long values (git-fixes).
- Documentation: x86: convert protection-keys.txt to reST (bsc#1078248).
- EDAC/ghes: Fix Use after free in ghes_edac remove path (bsc#1114279).
- EDAC/ghes: Fix locking and memory barrier issues (bsc#1114279). EDAC/ghes: Do not warn when incrementing refcount on 0 (bsc#1114279).
- HID: Add ASUS T100CHI keyboard dock battery quirks (bsc#1051510).
- HID: Add quirk for Microsoft PIXART OEM mouse (bsc#1051510).
- HID: Fix assumption that devices have inputs (git-fixes).
- HID: asus: Add T100CHI bluetooth keyboard dock special keys mapping (bsc#1051510).
- HID: doc: fix wrong data structure reference for UHID_OUTPUT (bsc#1051510).
- HID: intel-ish-hid: fixes incorrect error handling (bsc#1051510).
- HID: wacom: generic: Treat serial number and related fields as unsigned (git-fixes).
- Input: ff-memless - kill timer in destroy() (bsc#1051510).
- Input: silead - try firmware reload after unsuccessful resume (bsc#1051510).
- Input: st1232 - set INPUT_PROP_DIRECT property (bsc#1051510).
- Input: synaptics-rmi4 - clear IRQ enables for F54 (bsc#1051510).
- Input: synaptics-rmi4 - destroy F54 poller workqueue when removing (bsc#1051510).
- Input: synaptics-rmi4 - disable the relative position IRQ in the F12 driver (bsc#1051510).
- Input: synaptics-rmi4 - do not consume more data than we have (F11, F12) (bsc#1051510).
- Input: synaptics-rmi4 - fix video buffer size (git-fixes).
- KVM: SVM: Guard against DEACTIVATE when performing WBINVD/DF_FLUSH (bsc#1114279).
- KVM: SVM: Serialize access to the SEV ASID bitmap (bsc#1114279).
- KVM: VMX: Consider PID.PIR to determine if vCPU has pending interrupts (bsc#1158064).
- KVM: VMX: Fix conditions for guest IA32_XSS support (bsc#1158065).
- KVM: x86/mmu: Take slots_lock when using kvm_mmu_zap_all_fast() (bsc#1158067).
- KVM: x86: Introduce vcpu->arch.xsaves_enabled (bsc#1158066).
- KVM: x86: Remove a spurious export of a static function (bsc#1158954).
- NFC: nxp-nci: Fix NULL pointer dereference after I2C communication error (git-fixes).
- PCI/ACPI: Correct error message for ASPM disabling (bsc#1051510).
- PCI/MSI: Fix incorrect MSI-X masking on resume (bsc#1051510).
- PCI/MSI: Return -ENOSPC from pci_alloc_irq_vectors_affinity() (bsc#1051510).
- PCI/PME: Fix possible use-after-free on remove (git-fixes).
- PCI/PTM: Remove spurious 'd' from granularity message (bsc#1051510).
- PCI: Apply Cavium ACS quirk to ThunderX2 and ThunderX3 (bsc#1051510).
- PCI: Fix Intel ACS quirk UPDCR register address (bsc#1051510).
- PCI: dwc: Fix find_next_bit() usage (bsc#1051510).
- PCI: rcar: Fix missing MACCTLR register setting in initialization sequence (bsc#1051510).
- PCI: sysfs: Ignore lockdep for remove attribute (git-fixes).
- PCI: tegra: Enable Relaxed Ordering only for Tegra20 & Tegra30 (git-fixes).
- PM / AVS: SmartReflex: NULL check before some freeing functions is not needed (bsc#1051510).
- PM / Domains: Deal with multiple states but no governor in genpd (bsc#1051510).
- PM / devfreq: Check NULL governor in available_governors_show (git-fixes).
- PM / devfreq: Lock devfreq in trans_stat_show (git-fixes).
- PM / devfreq: exynos-bus: Correct clock enable sequence (bsc#1051510).
- PM / devfreq: passive: Use non-devm notifiers (bsc#1051510).
- PM / devfreq: passive: fix compiler warning (bsc#1051510).
- PM / hibernate: Check the success of generating md5 digest before hibernation (bsc#1051510).
- UAS: Revert commit 3ae62a42090f ('UAS: fix alignment of scatter/gather segments').
- USB: chaoskey: fix error case of a timeout (git-fixes).
- USB: gadget: Reject endpoints with 0 maxpacket value (bsc#1051510).
- USB: misc: appledisplay: fix backlight update_status return code (bsc#1051510).
- USB: serial: ftdi_sio: add device IDs for U-Blox C099-F9P (bsc#1051510).
- USB: serial: mos7720: fix remote wakeup (git-fixes).
- USB: serial: mos7840: add USB ID to support Moxa UPort 2210 (bsc#1051510).
- USB: serial: mos7840: fix remote wakeup (git-fixes).
- USB: serial: option: add support for DW5821e with eSIM support (bsc#1051510).
- USB: serial: option: add support for Foxconn T77W968 LTE modules (bsc#1051510).
- USB: serial: whiteheat: fix line-speed endianness (bsc#1051510).
- USBIP: add config dependency for SGL_ALLOC (git-fixes).
- appledisplay: fix error handling in the scheduled work (git-fixes).
- arm64: Update config files. (bsc#1156466) Enable HW_RANDOM_OMAP driver and mark driver omap-rng as supported.
- ata: ep93xx: Use proper enums for directions (bsc#1051510).
- ath10k: fix kernel panic by moving pci flush after napi_disable (bsc#1051510).
- ath10k: fix vdev-start timeout on error (bsc#1051510).
- ath10k: limit available channels via DT ieee80211-freq-limit (bsc#1051510).
- ath10k: wmi: disable softirq's while calling ieee80211_rx (bsc#1051510).
- ath6kl: Fix off by one error in scan completion (bsc#1051510).
- ath9k: Fix a locking bug in ath9k_add_interface() (bsc#1051510).
- ath9k: add back support for using active monitor interfaces for tx99 (bsc#1051510).
- ath9k: fix reporting calculated new FFT upper max (bsc#1051510).
- ath9k: fix tx99 with monitor mode interface (bsc#1051510).
- ath9k_hw: fix uninitialized variable data (bsc#1051510).
- atl1e: checking the status of atl1e_write_phy_reg (bsc#1051510).
- audit: Allow auditd to set pid to 0 to end auditing (bsc#1158094).
- ax88172a: fix information leak on short answers (bsc#1051510).
- backlight: lm3639: Unconditionally call led_classdev_unregister (bsc#1051510).
- bpf: Make use of probe_user_write in probe write helper (bsc#1083647).
- brcmfmac: fix full timeout waiting for action frame on-channel tx (bsc#1051510).
- brcmfmac: reduce timeout for action frame scan (bsc#1051510).
- brcmsmac: AP mode: update beacon when TIM changes (bsc#1051510).
- brcmsmac: never log 'tid x is not agg'able' by default (bsc#1051510).
- can: c_can: D_CAN: c_can_chip_config(): perform a sofware reset on open (bsc#1051510).
- can: c_can: c_can_poll(): only read status register after status IRQ (git-fixes).
- can: mcba_usb: fix use-after-free on disconnect (git-fixes).
- can: peak_usb: fix a potential out-of-sync while decoding packets (git-fixes).
- can: peak_usb: fix slab info leak (git-fixes).
- can: peak_usb: report bus recovery as well (bsc#1051510).
- can: rx-offload: can_rx_offload_irq_offload_fifo(): continue on error (bsc#1051510).
- can: rx-offload: can_rx_offload_irq_offload_timestamp(): continue on error (bsc#1051510).
- can: rx-offload: can_rx_offload_offload_one(): do not increase the skb_queue beyond skb_queue_len_max (git-fixes).
- can: rx-offload: can_rx_offload_offload_one(): increment rx_fifo_errors on queue overflow or OOM (bsc#1051510).
- can: rx-offload: can_rx_offload_offload_one(): use ERR_PTR() to propagate error value in case of errors (bsc#1051510).
- can: rx-offload: can_rx_offload_queue_sorted(): fix error handling, avoid skb mem leak (git-fixes).
- can: rx-offload: can_rx_offload_queue_tail(): fix error handling, avoid skb mem leak (git-fixes).
- can: usb_8dev: fix use-after-free on disconnect (git-fixes).
- ceph: add missing check in d_revalidate snapdir handling (bsc#1157183).
- ceph: do not try to handle hashed dentries in non-O_CREAT atomic_open (bsc#1157184).
- ceph: fix use-after-free in __ceph_remove_cap() (bsc#1154058).
- ceph: just skip unrecognized info in ceph_reply_info_extra (bsc#1157182).
- cfg80211: Avoid regulatory restore when COUNTRY_IE_IGNORE is set (bsc#1051510).
- cfg80211: Prevent regulatory restore during STA disconnect in concurrent interfaces (bsc#1051510).
- cfg80211: call disconnect_wk when AP stops (bsc#1051510).
- cgroup,writeback: do not switch wbs immediately on dead wbs if the memcg is dead (bsc#1158645).
- cifs: Fix cifsInodeInfo lock_sem deadlock when reconnect occurs (bsc#1144333, bsc#1154355).
- cifs: Fix missed free operations (bsc#1144333, bsc#1154355).
- cifs: Use kzfree() to zero out the password (bsc#1144333, bsc#1154355).
- cifs: add a helper to find an existing readable handle to a file (bsc#1144333, bsc#1154355).
- cifs: create a helper to find a writeable handle by path name (bsc#1144333, bsc#1154355).
- cifs: move cifsFileInfo_put logic into a work-queue (bsc#1144333, bsc#1154355).
- cifs: prepare SMB2_Flush to be usable in compounds (bsc#1144333, bsc#1154355).
- cifs: set domainName when a domain-key is used in multiuser (bsc#1144333, bsc#1154355).
- cifs: use cifsInodeInfo->open_file_lock while iterating to avoid a panic (bsc#1144333, bsc#1154355).
- cifs: use existing handle for compound_op(OP_SET_INFO) when possible (bsc#1144333, bsc#1154355).
- clk: at91: avoid sleeping early (git-fixes).
- clk: pxa: fix one of the pxa RTC clocks (bsc#1051510).
- clk: samsung: Use clk_hw API for calling clk framework from clk notifiers (bsc#1051510).
- clk: samsung: exynos5420: Preserve CPU clocks configuration during suspend/resume (bsc#1051510).
- clk: samsung: exynos5420: Preserve PLL configuration during suspend/resume (git-fixes).
- clk: sunxi-ng: a80: fix the zero'ing of bits 16 and 18 (git-fixes).
- clocksource/drivers/sh_cmt: Fix clocksource width for 32-bit machines (bsc#1051510).
- clocksource/drivers/sh_cmt: Fixup for 64-bit machines (bsc#1051510).
- compat_ioctl: handle SIOCOUTQNSD (bsc#1051510).
- component: fix loop condition to call unbind() if bind() fails (bsc#1051510).
- cpufreq/pasemi: fix use-after-free in pas_cpufreq_cpu_init() (bsc#1051510).
- cpufreq: Skip cpufreq resume if it's not suspended (bsc#1051510).
- cpufreq: intel_pstate: Register when ACPI PCCH is present (bsc#1051510).
- cpufreq: powernv: fix stack bloat and hard limit on number of CPUs (bsc#1051510).
- cpufreq: ti-cpufreq: add missing of_node_put() (bsc#1051510).
- cpupower : Fix cpupower working when cpu0 is offline (bsc#1051510).
- cpupower : frequency-set -r option misses the last cpu in related cpu list (bsc#1051510).
- cpupower: Fix coredump on VMWare (bsc#1051510).
- crypto: af_alg - cast ki_complete ternary op to int (bsc#1051510).
- crypto: crypto4xx - fix double-free in crypto4xx_destroy_sdr (bsc#1051510).
- crypto: ecdh - fix big endian bug in ECC library (bsc#1051510).
- crypto: fix a memory leak in rsa-kcs1pad's encryption mode (bsc#1051510).
- crypto: geode-aes - switch to skcipher for cbc(aes) fallback (bsc#1051510).
- crypto: mxc-scc - fix build warnings on ARM64 (bsc#1051510).
- crypto: mxs-dcp - Fix AES issues (bsc#1051510).
- crypto: mxs-dcp - Fix SHA null hashes and output length (bsc#1051510).
- crypto: mxs-dcp - make symbols 'sha1_null_hash' and 'sha256_null_hash' static (bsc#1051510).
- crypto: s5p-sss: Fix Fix argument list alignment (bsc#1051510).
- crypto: tgr192 - remove unneeded semicolon (bsc#1051510).
- cw1200: Fix a signedness bug in cw1200_load_firmware() (bsc#1051510).
- cxgb4: fix panic when attaching to ULD fail (networking-stable-19_11_05).
- dccp: do not leak jiffies on the wire (networking-stable-19_11_05).
- dlm: do not leak kernel pointer to userspace (bsc#1051510).
- dlm: fix invalid free (bsc#1051510).
- dmaengine: dma-jz4780: Do not depend on MACH_JZ4780 (bsc#1051510).
- dmaengine: dma-jz4780: Further residue status fix (bsc#1051510).
- dmaengine: ep93xx: Return proper enum in ep93xx_dma_chan_direction (bsc#1051510).
- dmaengine: imx-sdma: fix use-after-free on probe error path (bsc#1051510).
- dmaengine: rcar-dmac: set scatter/gather max segment size (bsc#1051510).
- dmaengine: timb_dma: Use proper enum in td_prep_slave_sg (bsc#1051510).
- docs: move protection-keys.rst to the core-api book (bsc#1078248).
- drivers/base/platform.c: kmemleak ignore a known leak (bsc#1051510).
- drivers/regulator: fix a missing check of return value (bsc#1051510).
- drm/amdgpu: fix bad DMA from INTERRUPT_CNTL2 (bsc#1114279)
- drm/etnaviv: fix dumping of iommuv2 (bsc#1113722)
- drm/omap: fix max fclk divider for omap36xx (bsc#1113722)
- drm/radeon: fix bad DMA from INTERRUPT_CNTL2 (git-fixes).
- drm/radeon: fix si_enable_smc_cac() failed issue (bsc#1113722)
- drm/rockchip: Round up _before_ giving to the clock framework (bsc#1114279)
- drm: panel-lvds: Potential Oops in probe error handling (bsc#1114279)
- e1000e: Drop unnecessary __E1000_DOWN bit twiddling (bsc#1158049).
- e1000e: Use dev_get_drvdata where possible (bsc#1158049).
- e1000e: Use rtnl_lock to prevent race conditions between net and pci/pm (bsc#1158049).
- ecryptfs_lookup_interpose(): lower_dentry->d_inode is not stable (bsc#1158646).
- ecryptfs_lookup_interpose(): lower_dentry->d_parent is not stable either (bsc#1158647).
- ext4: fix punch hole for inline_data file systems (bsc#1158640).
- ext4: update direct I/O read lock pattern for IOCB_NOWAIT (bsc#1158639).
- extcon: cht-wc: Return from default case to avoid warnings (bsc#1051510).
- fbdev: sbuslib: integer overflow in sbusfb_ioctl_helper() (bsc#1051510).
- fbdev: sbuslib: use checked version of put_user() (bsc#1051510).
- sctp: Fixed regression (bsc#1158082).
- ftrace: Introduce PERMANENT ftrace_ops flag (bsc#1120853).
- gpio: mpc8xxx: Do not overwrite default irq_set_type callback (bsc#1051510).
- gpio: syscon: Fix possible NULL ptr usage (bsc#1051510).
- gpiolib: acpi: Add Terra Pad 1061 to the run_edge_events_on_boot_blacklist (bsc#1051510).
- gsmi: Fix bug in append_to_eventlog sysfs handler (bsc#1051510).
- hwmon: (ina3221) Fix INA3221_CONFIG_MODE macros (bsc#1051510).
- hwmon: (pwm-fan) Silence error on probe deferral (bsc#1051510).
- hwrng: omap - Fix RNG wait loop timeout (bsc#1051510).
- hwrng: omap3-rom - Call clk_disable_unprepare() on exit only if not idled (bsc#1051510).
- hwrng: stm32 - fix unbalanced pm_runtime_enable (bsc#1051510).
- hypfs: Fix error number left in struct pointer member (bsc#1051510).
- ibmvnic: Bound waits for device queries (bsc#1155689 ltc#182047).
- ibmvnic: Bound waits for device queries (bsc#1155689 ltc#182047).
- ibmvnic: Fix completion structure initialization (bsc#1155689 ltc#182047).
- ibmvnic: Fix completion structure initialization (bsc#1155689 ltc#182047).
- ibmvnic: Serialize device queries (bsc#1155689 ltc#182047).
- ibmvnic: Serialize device queries (bsc#1155689 ltc#182047).
- ibmvnic: Terminate waiting device threads after loss of service (bsc#1155689 ltc#182047).
- ibmvnic: Terminate waiting device threads after loss of service (bsc#1155689 ltc#182047).
- idr: Fix idr_alloc_u32 on 32-bit systems (bsc#1051510).
- iio: adc: max9611: explicitly cast gain_selectors (bsc#1051510).
- iio: adc: stm32-adc: fix stopping dma (git-fixes).
- iio: dac: mcp4922: fix error handling in mcp4922_write_raw (bsc#1051510).
- iio: imu: adis16480: assign bias value only if operation succeeded (git-fixes).
- iio: imu: adis16480: make sure provided frequency is positive (git-fixes).
- iio: imu: adis: assign read val in debugfs hook only if op successful (git-fixes).
- iio: imu: adis: assign value only if return code zero in read funcs (git-fixes).
- include/linux/bitrev.h: fix constant bitrev (bsc#1114279).
- inet: stop leaking jiffies on the wire (networking-stable-19_11_05).
- intel_th: Fix a double put_device() in error path (git-fixes).
- iomap: Fix pipe page leakage during splicing (bsc#1158651).
- iommu/vt-d: Fix QI_DEV_IOTLB_PFSID and QI_DEV_EIOTLB_PFSID macros (bsc#1158063).
- ipmi:dmi: Ignore IPMI SMBIOS entries with a zero base address (bsc#1051510).
- ipv4: Return -ENETUNREACH if we can't create route but saddr is valid (networking-stable-19_10_24).
- iwlwifi: api: annotate compressed BA notif array sizes (bsc#1051510).
- iwlwifi: check kasprintf() return value (bsc#1051510).
- iwlwifi: exclude GEO SAR support for 3168 (git-fixes).
- iwlwifi: mvm: avoid sending too many BARs (bsc#1051510).
- iwlwifi: mvm: do not send keys when entering D3 (bsc#1051510).
- kABI workaround for ath10k last_wmi_vdev_start_status field (bsc#1051510).
- kABI workaround for struct mwifiex_power_cfg change (bsc#1051510).
- kABI: Fix for 'KVM: x86: Introduce vcpu->arch.xsaves_enabled' (bsc#1158066).
- lib/scatterlist: Fix chaining support in sgl_alloc_order() (git-fixes).
- lib/scatterlist: Introduce sgl_alloc() and sgl_free() (git-fixes).
- liquidio: fix race condition in instruction completion processing (bsc#1051510).
- livepatch: Allow to distinguish different version of system state changes (bsc#1071995).
- livepatch: Basic API to track system state changes (bsc#1071995 ).
- livepatch: Keep replaced patches until post_patch callback is called (bsc#1071995).
- livepatch: Selftests of the API for tracking system state changes (bsc#1071995).
- loop: add ioctl for changing logical block size (bsc#1108043).
- loop: fix no-unmap write-zeroes request behavior (bsc#1158637).
- mISDN: Fix type of switch control variable in ctrl_teimanager (bsc#1051510).
- mac80211: consider QoS Null frames for STA_NULLFUNC_ACKED (bsc#1051510).
- mac80211: fix station inactive_time shortly after boot (bsc#1051510).
- mac80211: minstrel: fix CCK rate group streams value (bsc#1051510).
- mac80211: minstrel: fix sampling/reporting of CCK rates in HT mode (bsc#1051510).
- macvlan: schedule bc_work even if error (bsc#1051510).
- mailbox: mailbox-test: fix null pointer if no mmio (bsc#1051510).
- mailbox: reset txdone_method TXDONE_BY_POLL if client knows_txdone (git-fixes).
- media: au0828: Fix incorrect error messages (bsc#1051510).
- media: bdisp: fix memleak on release (git-fixes).
- media: cxusb: detect cxusb_ctrl_msg error in query (bsc#1051510).
- media: davinci: Fix implicit enum conversion warning (bsc#1051510).
- media: exynos4-is: Fix recursive locking in isp_video_release() (git-fixes).
- media: fix: media: pci: meye: validate offset to avoid arbitrary access (bsc#1051510).
- media: flexcop-usb: ensure -EIO is returned on error condition (git-fixes).
- media: imon: invalid dereference in imon_touch_event (bsc#1051510).
- media: isif: fix a NULL pointer dereference bug (bsc#1051510).
- media: ov6650: Fix control handler not freed on init error (git-fixes).
- media: pci: ivtv: Fix a sleep-in-atomic-context bug in ivtv_yuv_init() (bsc#1051510).
- media: pxa_camera: Fix check for pdev->dev.of_node (bsc#1051510).
- media: radio: wl1273: fix interrupt masking on release (git-fixes).
- media: ti-vpe: vpe: Fix Motion Vector vpdma stride (git-fixes).
- media: usbvision: Fix races among open, close, and disconnect (bsc#1051510).
- media: uvcvideo: Fix error path in control parsing failure (git-fixes).
- media: v4l2-ctrl: fix flags for DO_WHITE_BALANCE (bsc#1051510).
- media: vim2m: Fix abort issue (git-fixes).
- media: vivid: Set vid_cap_streaming and vid_out_streaming to true (bsc#1051510).
- mei: bus: prefix device names on bus with the bus name (bsc#1051510).
- mei: fix modalias documentation (git-fixes).
- mei: samples: fix a signedness bug in amt_host_if_call() (bsc#1051510).
- mfd: intel-lpss: Add default I2C device properties for Gemini Lake (bsc#1051510).
- mfd: max8997: Enale irq-wakeup unconditionally (bsc#1051510).
- mfd: mc13xxx-core: Fix PMIC shutdown when reading ADC values (bsc#1051510).
- mfd: palmas: Assign the right powerhold mask for tps65917 (git-fixes).
- mfd: ti_am335x_tscadc: Keep ADC interface on if child is wakeup capable (bsc#1051510).
- mlx5: add parameter to disable enhanced IPoIB (bsc#1142095)
- mm, memory_hotplug: do not clear numa_node association after hot_remove (bnc#1115026).
- mm, thp: Do not make page table dirty unconditionally in touch_p[mu]d() (git fixes (mm/gup)).
- mm/compaction.c: clear total_{migrate,free}_scanned before scanning a new zone (git fixes (mm/compaction)).
- mm/debug.c: PageAnon() is true for PageKsm() pages (git fixes (mm/debug)).
- mmc: core: fix wl1251 sdio quirks (git-fixes).
- mmc: host: omap_hsmmc: add code for special init of wl1251 to get rid of pandora_wl1251_init_card (git-fixes).
- mmc: mediatek: fix cannot receive new request when msdc_cmd_is_ready fail (bsc#1051510).
- mmc: sdhci-esdhc-imx: correct the fix of ERR004536 (git-fixes).
- mmc: sdhci-of-at91: fix quirk2 overwrite (git-fixes).
- mmc: sdio: fix wl1251 vendor id (git-fixes).
- moduleparam: fix parameter description mismatch (bsc#1051510).
- mt7601u: fix bbp version check in mt7601u_wait_bbp_ready (bsc#1051510).
- mtd: nand: mtk: fix incorrect register setting order about ecc irq.
- mtd: spear_smi: Fix Write Burst mode (bsc#1051510).
- mtd: spi-nor: fix silent truncation in spi_nor_read() (bsc#1051510).
- mwifiex: Fix NL80211_TX_POWER_LIMITED (bsc#1051510).
- mwifiex: debugfs: correct histogram spacing, formatting (bsc#1051510).
- mwifiex: fix potential NULL dereference and use after free (bsc#1051510).
- nbd: prevent memory leak (bsc#1158638).
- net/ibmvnic: Fix typo in retry check (bsc#1155689 ltc#182047).
- net/ibmvnic: Ignore H_FUNCTION return from H_EOI to tolerate XIVE mode (bsc#1089644, ltc#166495, ltc#165544, git-fixes).
- net/mlx4_core: Dynamically set guaranteed amount of counters per VF (networking-stable-19_11_05).
- net/mlx5e: Fix handling of compressed CQEs in case of low NAPI budget (networking-stable-19_11_05).
- net/smc: Fix error path in smc_init (git-fixes).
- net/smc: avoid fallback in case of non-blocking connect (git-fixes).
- net/smc: fix closing of fallback SMC sockets (git-fixes).
- net/smc: fix ethernet interface refcounting (git-fixes).
- net/smc: fix refcounting for non-blocking connect() (git-fixes).
- net/smc: keep vlan_id for SMC-R in smc_listen_work() (git-fixes).
- net: Zeroing the structure ethtool_wolinfo in ethtool_get_wol() (networking-stable-19_11_05).
- net: add READ_ONCE() annotation in __skb_wait_for_more_packets() (networking-stable-19_11_05).
- net: add skb_queue_empty_lockless() (networking-stable-19_11_05).
- net: annotate accesses to sk->sk_incoming_cpu (networking-stable-19_11_05).
- net: annotate lockless accesses to sk->sk_napi_id (networking-stable-19_11_05).
- net: avoid potential infinite loop in tc_ctl_action() (networking-stable-19_10_24).
- net: bcmgenet: Fix RGMII_MODE_EN value for GENET v1/2/3 (networking-stable-19_10_24).
- net: bcmgenet: Set phydev->dev_flags only for internal PHYs (networking-stable-19_10_24).
- net: bcmgenet: reset 40nm EPHY on energy detect (networking-stable-19_11_05).
- net: dsa: b53: Do not clear existing mirrored port mask (networking-stable-19_11_05).
- net: dsa: bcm_sf2: Fix IMP setup for port different than 8 (networking-stable-19_11_05).
- net: dsa: fix switch tree list (networking-stable-19_11_05).
- net: ethernet: ftgmac100: Fix DMA coherency issue with SW checksum (networking-stable-19_11_05).
- net: fix sk_page_frag() recursion from memory reclaim (networking-stable-19_11_05).
- net: hisilicon: Fix ping latency when deal with high throughput (networking-stable-19_11_05).
- net: phy: Check against net_device being NULL (bsc#1051510).
- net: phy: Fix not to call phy_resume() if PHY is not attached (bsc#1051510).
- net: phy: Fix the register offsets in Broadcom iProc mdio mux driver (bsc#1051510).
- net: phy: at803x: Change error to EINVAL for invalid MAC (bsc#1051510).
- net: phy: broadcom: Use strlcpy() for ethtool::get_strings (bsc#1051510).
- net: phy: dp83867: Set up RGMII TX delay (bsc#1051510).
- net: phy: fixed_phy: Fix fixed_phy not checking GPIO (bsc#1051510).
- net: phy: marvell: Use strlcpy() for ethtool::get_strings (bsc#1051510).
- net: phy: marvell: clear wol event before setting it (bsc#1051510).
- net: phy: meson-gxl: check phy_write return value (bsc#1051510).
- net: phy: micrel: Use strlcpy() for ethtool::get_strings (bsc#1051510).
- net: phy: mscc: read 'vsc8531, edge-slowdown' as an u32 (bsc#1051510).
- net: phy: mscc: read 'vsc8531,vddmac' as an u32 (bsc#1051510).
- net: phy: xgene: disable clk on error paths (bsc#1051510).
- net: phy: xgmiitorgmii: Check phy_driver ready before accessing (bsc#1051510).
- net: phy: xgmiitorgmii: Check read_status results (bsc#1051510).
- net: phy: xgmiitorgmii: Support generic PHY status read (bsc#1051510).
- net: stmmac: disable/enable ptp_ref_clk in suspend/resume flow (networking-stable-19_10_24).
- net: use skb_queue_empty_lockless() in busy poll contexts (networking-stable-19_11_05).
- net: use skb_queue_empty_lockless() in poll() handlers (networking-stable-19_11_05).
- net: wireless: ti: remove local VENDOR_ID and DEVICE_ID definitions (git-fixes).
- net: wireless: ti: wl1251 use new SDIO_VENDOR_ID_TI_WL1251 definition (git-fixes).
- netns: fix GFP flags in rtnl_net_notifyid() (networking-stable-19_11_05).
- nfc: netlink: fix double device reference drop (git-fixes).
- nfc: port100: handle command failure cleanly (git-fixes).
- nl80211: Fix a GET_KEY reply attribute (bsc#1051510).
- ocfs2: fix panic due to ocfs2_wq is null (bsc#1158644).
- ocfs2: fix passing zero to 'PTR_ERR' warning (bsc#1158649).
- openvswitch: fix flow command message size (git-fixes).
- padata: use smp_mb in padata_reorder to avoid orphaned padata jobs (git-fixes).
- phy: phy-twl4030-usb: fix denied runtime access (git-fixes).
- pinctl: ti: iodelay: fix error checking on pinctrl_count_index_with_args call (git-fixes).
- pinctrl: at91: do not use the same irqchip with multiple gpiochips (git-fixes).
- pinctrl: cherryview: Allocate IRQ chip dynamic (git-fixes).
- pinctrl: lewisburg: Update pin list according to v1.1v6 (bsc#1051510).
- pinctrl: lpc18xx: Use define directive for PIN_CONFIG_GPIO_PIN_INT (bsc#1051510).
- pinctrl: qcom: spmi-gpio: fix gpio-hog related boot issues (bsc#1051510).
- pinctrl: samsung: Fix device node refcount leaks in S3C24xx wakeup controller init (bsc#1051510).
- pinctrl: samsung: Fix device node refcount leaks in S3C64xx wakeup controller init (bsc#1051510).
- pinctrl: samsung: Fix device node refcount leaks in init code (bsc#1051510).
- pinctrl: sunxi: Fix a memory leak in 'sunxi_pinctrl_build_state()' (bsc#1051510).
- pinctrl: xway: fix gpio-hog related boot issues (bsc#1051510).
- pinctrl: zynq: Use define directive for PIN_CONFIG_IO_STANDARD (bsc#1051510).
- pktcdvd: remove warning on attempting to register non-passthrough dev (bsc#1051510).
- platform/x86: hp-wmi: Fix ACPI errors caused by passing 0 as input size (bsc#1051510).
- platform/x86: hp-wmi: Fix ACPI errors caused by too small buffer (bsc#1051510).
- power: reset: at91-poweroff: do not procede if at91_shdwc is allocated (bsc#1051510).
- power: supply: ab8500_fg: silence uninitialized variable warnings (bsc#1051510).
- power: supply: max14656: fix potential use-after-free (bsc#1051510).
- power: supply: twl4030_charger: disable eoc interrupt on linear charge (bsc#1051510).
- power: supply: twl4030_charger: fix charging current out-of-bounds (bsc#1051510).
- powerpc/64: Make meltdown reporting Book3S 64 specific (bsc#1091041).
- powerpc/book3s64/hash: Use secondary hash for bolted mapping if the primary is full (bsc#1157778 ltc#182520).
- powerpc/bpf: Fix tail call implementation (bsc#1157698).
- powerpc/pseries/mobility: notify network peers after migration (bsc#1152631 ltc#181798).
- powerpc/pseries: Do not fail hash page table insert for bolted mapping (bsc#1157778 ltc#182520).
- powerpc/pseries: Do not opencode HPTE_V_BOLTED (bsc#1157778 ltc#182520).
- powerpc/pseries: address checkpatch warnings in dlpar_offline_cpu (bsc#1156700 ltc#182459).
- powerpc/pseries: safely roll back failed DLPAR cpu add (bsc#1156700 ltc#182459).
- powerpc/security/book3s64: Report L1TF status in sysfs (bsc#1091041).
- powerpc/security: Fix wrong message when RFI Flush is disable (bsc#1131107).
- powerpc/xive: Prevent page fault issues in the machine crash handler (bsc#1156882 ltc#182435).
- ppdev: fix PPGETTIME/PPSETTIME ioctls (bsc#1051510).
- printk: Export console_printk (bsc#1071995).
- pwm: Clear chip_data in pwm_put() (bsc#1051510).
- pwm: bcm-iproc: Prevent unloading the driver module while in use (git-fixes).
- pwm: clps711x: Fix period calculation (bsc#1051510).
- pwm: lpss: Only set update bit if we are actually changing the settings (bsc#1051510).
- r8152: add device id for Lenovo ThinkPad USB-C Dock Gen 2 (networking-stable-19_11_05).
- regulator: ab8500: Remove AB8505 USB regulator (bsc#1051510).
- regulator: ab8500: Remove SYSCLKREQ from enum ab8505_regulator_id (bsc#1051510).
- regulator: tps65910: fix a missing check of return value (bsc#1051510).
- remoteproc: Check for NULL firmwares in sysfs interface (git-fixes).
- reset: Fix potential use-after-free in __of_reset_control_get() (bsc#1051510).
- reset: fix of_reset_simple_xlate kerneldoc comment (bsc#1051510).
- reset: fix reset_control_get_exclusive kerneldoc comment (bsc#1051510).
- reset: fix reset_control_ops kerneldoc comment (bsc#1051510).
- rpm/kernel-binary.spec.in: add COMPRESS_VMLINUX (bnc#1155921) Let COMPRESS_VMLINUX determine the compression used for vmlinux. By default (historically), it is gz.
- rpm/kernel-source.spec.in: Fix dependency of kernel-devel (bsc#1154043)
- rt2800: remove errornous duplicate condition (git-fixes).
- rtl8187: Fix warning generated when strncpy() destination length matches the sixe argument (bsc#1051510).
- rtl818x: fix potential use after free (bsc#1051510).
- rtlwifi: Remove unnecessary NULL check in rtl_regd_init (bsc#1051510).
- rtlwifi: rtl8192de: Fix misleading REG_MCUFWDL information (bsc#1051510).
- rtlwifi: rtl8192de: Fix missing code to retrieve RX buffer address (bsc#1051510).
- rtlwifi: rtl8192de: Fix missing enable interrupt flag (bsc#1051510).
- s390/bpf: fix lcgr instruction encoding (bsc#1051510).
- s390/bpf: use 32-bit index for tail calls (bsc#1051510).
- s390/cio: avoid calling strlen on null pointer (bsc#1051510).
- s390/cio: exclude subchannels with no parent from pseudo check (bsc#1051510).
- s390/cmm: fix information leak in cmm_timeout_handler() (bsc#1051510).
- s390/idle: fix cpu idle time calculation (bsc#1051510).
- s390/mm: properly clear _PAGE_NOEXEC bit when it is not supported (bsc#1051510).
- s390/process: avoid potential reading of freed stack (bsc#1051510).
- s390/qdio: (re-)initialize tiqdio list entries (bsc#1051510).
- s390/qdio: do not touch the dsci in tiqdio_add_input_queues() (bsc#1051510).
- s390/qeth: return proper errno on IO error (bsc#1051510).
- s390/setup: fix boot crash for machine without EDAT-1 (bsc#1051510 bsc#1140948).
- s390/setup: fix early warning messages (bsc#1051510 bsc#1140948).
- s390/topology: avoid firing events before kobjs are created (bsc#1051510).
- s390: fix stfle zero padding (bsc#1051510).
- sc16is7xx: Fix for 'Unexpected interrupt: 8' (bsc#1051510).
- sched/fair: WARN() and refuse to set buddy when !se->on_rq (bsc#1158132).
- scsi: lpfc: Fix Oops in nvme_register with target logout/login (bsc#1151900).
- scsi: lpfc: Honor module parameter lpfc_use_adisc (bsc#1153628).
- scsi: lpfc: Limit xri count for kdump environment (bsc#1154124).
- scsi: qla2xxx: Add debug dump of LOGO payload and ELS IOCB (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).
- scsi: qla2xxx: Added support for MPI and PEP regions for ISP28XX (bsc#1157424, bsc#1157908, bsc#1157169, bsc#1151548).
- scsi: qla2xxx: Allow PLOGI in target mode (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).
- scsi: qla2xxx: Change discovery state before PLOGI (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).
- scsi: qla2xxx: Configure local loop for N2N target (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).
- scsi: qla2xxx: Correctly retrieve and interpret active flash region (bsc#1157424, bsc#1157908, bsc#1157169, bsc#1151548).
- scsi: qla2xxx: Do command completion on abort timeout (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).
- scsi: qla2xxx: Do not call qlt_async_event twice (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).
- scsi: qla2xxx: Do not defer relogin unconditonally (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).
- scsi: qla2xxx: Drop superfluous INIT_WORK of del_work (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).
- scsi: qla2xxx: Fix PLOGI payload and ELS IOCB dump length (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).
- scsi: qla2xxx: Fix SRB leak on switch command timeout (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).
- scsi: qla2xxx: Fix a dma_pool_free() call (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).
- scsi: qla2xxx: Fix device connect issues in P2P configuration (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).
- scsi: qla2xxx: Fix double scsi_done for abort path (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).
- scsi: qla2xxx: Fix driver unload hang (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).
- scsi: qla2xxx: Fix incorrect SFUB length used for Secure Flash Update MB Cmd (bsc#1157424, bsc#1157908, bsc#1157169, bsc#1151548).
- scsi: qla2xxx: Fix memory leak when sending I/O fails (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).
- scsi: qla2xxx: Fix qla2x00_request_irqs() for MSI (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).
- scsi: qla2xxx: Ignore NULL pointer in tcm_qla2xxx_free_mcmd (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).
- scsi: qla2xxx: Ignore PORT UPDATE after N2N PLOGI (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).
- scsi: qla2xxx: Initialize free_work before flushing it (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).
- scsi: qla2xxx: Remove an include directive (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).
- scsi: qla2xxx: Retry PLOGI on FC-NVMe PRLI failure (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).
- scsi: qla2xxx: Send Notify ACK after N2N PLOGI (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).
- scsi: qla2xxx: Update driver version to 10.01.00.21-k (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).
- scsi: qla2xxx: Use explicit LOGO in target mode (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).
- scsi: qla2xxx: do not use zero for FC4_PRIORITY_NVME (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).
- scsi: qla2xxx: fix rports not being mark as lost in sync fabric scan (bsc#1138039).
- scsi: qla2xxx: initialize fc4_type_priority (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).
- scsi: qla2xxx: unregister ports after GPN_FT failure (bsc#1138039).
- scsi: sd: Ignore a failure to sync cache due to lack of authorization (git-fixes).
- scsi: storvsc: Add ability to change scsi queue depth (bsc#1155021).
- scsi: zfcp: fix request object use-after-free in send path causing wrong traces (bsc#1051510).
- sctp: change sctp_prot .no_autobind with true (networking-stable-19_10_24).
- selftests: net: reuseport_dualstack: fix uninitalized parameter (networking-stable-19_11_05).
- serial: fix kernel-doc warning in comments (bsc#1051510).
- serial: max310x: Fix tx_empty() callback (bsc#1051510).
- serial: mctrl_gpio: Check for NULL pointer (bsc#1051510).
- serial: mxs-auart: Fix potential infinite loop (bsc#1051510).
- serial: samsung: Enable baud clock for UART reset procedure in resume (bsc#1051510).
- serial: uartlite: fix exit path null pointer (bsc#1051510).
- serial: uartps: Fix suspend functionality (bsc#1051510).
- signal: Properly set TRACE_SIGNAL_LOSE_INFO in __send_signal (bsc#1157463).
- slcan: Fix memory leak in error path (bsc#1051510).
- slip: Fix memory leak in slip_open error path (bsc#1051510).
- slip: Fix use-after-free Read in slip_open (bsc#1051510).
- smb3: Incorrect size for netname negotiate context (bsc#1144333, bsc#1154355).
- smb3: fix leak in 'open on server' perf counter (bsc#1144333, bsc#1154355).
- smb3: fix signing verification of large reads (bsc#1144333, bsc#1154355).
- smb3: fix unmount hang in open_shroot (bsc#1144333, bsc#1154355).
- smb3: improve handling of share deleted (and share recreated) (bsc#1144333, bsc#1154355).
- soc: imx: gpc: fix PDN delay (bsc#1051510).
- soc: qcom: wcnss_ctrl: Avoid string overflow (bsc#1051510).
- spi: atmel: Fix CS high support (bsc#1051510).
- spi: atmel: fix handling of cs_change set on non-last xfer (bsc#1051510).
- spi: fsl-lpspi: Prevent FIFO under/overrun by default (bsc#1051510).
- spi: mediatek: Do not modify spi_transfer when transfer (bsc#1051510).
- spi: mediatek: use correct mata->xfer_len when in fifo transfer (bsc#1051510).
- spi: omap2-mcspi: Fix DMA and FIFO event trigger size mismatch (bsc#1051510).
- spi: omap2-mcspi: Set FIFO DMA trigger level to word length (bsc#1051510).
- spi: pic32: Use proper enum in dmaengine_prep_slave_rg (bsc#1051510).
- spi: rockchip: initialize dma_slave_config properly (bsc#1051510).
- spi: spidev: Fix OF tree warning logic (bsc#1051510).
- staging: rtl8188eu: fix null dereference when kzalloc fails (bsc#1051510).
- staging: rtl8192e: fix potential use after free (bsc#1051510).
- staging: rtl8723bs: Add 024c:0525 to the list of SDIO device-ids (bsc#1051510).
- staging: rtl8723bs: Drop ACPI device ids (bsc#1051510).
- stm class: Fix a double free of stm_source_device (bsc#1051510).
- supported.conf:
- synclink_gt(): fix compat_ioctl() (bsc#1051510).
- tcp_nv: fix potential integer overflow in tcpnv_acked (bsc#1051510).
- thermal: Fix deadlock in thermal thermal_zone_device_check (bsc#1051510).
- thunderbolt: Fix lockdep circular locking depedency warning (git-fixes).
- tipc: Avoid copying bytes beyond the supplied data (bsc#1051510).
- tipc: check bearer name with right length in tipc_nl_compat_bearer_enable (bsc#1051510).
- tipc: check link name with right length in tipc_nl_compat_link_set (bsc#1051510).
- tipc: check msg->req data len in tipc_nl_compat_bearer_disable (bsc#1051510).
- tipc: compat: allow tipc commands without arguments (bsc#1051510).
- tipc: fix a missing check of genlmsg_put (bsc#1051510).
- tipc: fix link name length check (bsc#1051510).
- tipc: fix memory leak in tipc_nl_compat_publ_dump (bsc#1051510).
- tipc: fix skb may be leaky in tipc_link_input (bsc#1051510).
- tipc: fix tipc_mon_delete() oops in tipc_enable_bearer() error path (bsc#1051510).
- tipc: fix wrong timeout input for tipc_wait_for_cond() (bsc#1051510).
- tipc: handle the err returned from cmd header function (bsc#1051510).
- tipc: pass tunnel dev as NULL to udp_tunnel(6)_xmit_skb (bsc#1051510).
- tipc: tipc clang warning (bsc#1051510).
- tpm: add check after commands attribs tab allocation (bsc#1051510).
- tracing: Get trace_array reference for available_tracers files (bsc#1156429).
- tty: serial: fsl_lpuart: use the sg count from dma_map_sg (bsc#1051510).
- tty: serial: imx: use the sg count from dma_map_sg (bsc#1051510).
- tty: serial: msm_serial: Fix flow control (bsc#1051510).
- tty: serial: pch_uart: correct usage of dma_unmap_sg (bsc#1051510).
- uaccess: Add non-pagefault user-space write function (bsc#1083647).
- ubifs: Correctly initialize c->min_log_bytes (bsc#1158641).
- ubifs: Limit the number of pages in shrink_liability (bsc#1158643).
- udp: use skb_queue_empty_lockless() (networking-stable-19_11_05).
- usb-serial: cp201x: support Mark-10 digital force gauge (bsc#1051510).
- usb-storage: Revert commit 747668dbc061 ('usb-storage: Set virt_boundary_mask to avoid SG overflows') (bsc#1051510).
- usb: chipidea: Fix otg event handler (bsc#1051510).
- usb: chipidea: imx: enable OTG overcurrent in case USB subsystem is already started (bsc#1051510).
- usb: dwc3: gadget: Check ENBLSLPM before sending ep command (bsc#1051510).
- usb: gadget: udc: fotg210-udc: Fix a sleep-in-atomic-context bug in fotg210_get_status() (bsc#1051510).
- usb: gadget: uvc: Factor out video USB request queueing (bsc#1051510).
- usb: gadget: uvc: Only halt video streaming endpoint in bulk mode (bsc#1051510).
- usb: gadget: uvc: configfs: Drop leaked references to config items (bsc#1051510).
- usb: gadget: uvc: configfs: Prevent format changes after linking header (bsc#1051510).
- usb: handle warm-reset port requests on hub resume (bsc#1051510).
- usb: xhci-mtk: fix ISOC error when interval is zero (bsc#1051510).
- usbip: Fix free of unallocated memory in vhci tx (git-fixes).
- usbip: Fix vhci_urb_enqueue() URB null transfer buffer error path (git-fixes).
- usbip: Implement SG support to vhci-hcd and stub driver (git-fixes).
- usbip: tools: fix fd leakage in the function of read_attr_usbip_status (git-fixes).
- vfio-ccw: Fix misleading comment when setting orb.cmd.c64 (bsc#1051510).
- vfio-ccw: Set pa_nr to 0 if memory allocation fails for pa_iova_pfn (bsc#1051510).
- vfio: ccw: push down unsupported IDA check (bsc#1156471 LTC#182362).
- vfs: fix preadv64v2 and pwritev64v2 compat syscalls with offset == -1 (bsc#1051510).
- video/hdmi: Fix AVI bar unpack (git-fixes).
- video: backlight: Add devres versions of of_find_backlight (bsc#1090888) Taken for 6010831dde5.
- video: backlight: Add of_find_backlight helper in backlight.c (bsc#1090888) Taken for 6010831dde5.
- virtio/s390: fix race on airq_areas (bsc#1051510).
- virtio_console: allocate inbufs in add_port() only if it is needed (git-fixes).
- virtio_ring: fix return code on DMA mapping fails (git-fixes).
- vmxnet3: turn off lro when rxcsum is disabled (bsc#1157499).
- vsock/virtio: fix sock refcnt holding during the shutdown (git-fixes).
- watchdog: meson: Fix the wrong value of left time (bsc#1051510).
- watchdog: sama5d4: fix WDD value to be always set to max (bsc#1051510).
- x86/alternatives: Add int3_emulate_call() selftest (bsc#1153811).
- x86/alternatives: Fix int3_emulate_call() selftest stack corruption (bsc#1153811).
- x86/mm/pkeys: Fix typo in Documentation/x86/protection-keys.txt (bsc#1078248).
- x86/pkeys: Update documentation about availability (bsc#1078248).
- x86/resctrl: Fix potential lockdep warning (bsc#1114279).
- x86/resctrl: Prevent NULL pointer dereference when reading mondata (bsc#1114279).
- x86/speculation/taa: Fix printing of TAA_MSG_SMT on IBRS_ALL CPUs (bsc#1158068).
- x86/speculation: Fix incorrect MDS/TAA mitigation status (bsc#1114279).
- x86/speculation: Fix redundant MDS mitigation message (bsc#1114279).
- xfrm: Fix xfrm sel prefix length validation (git-fixes).
- xfrm: fix sa selector validation (bsc#1156609).
- xfs: Sanity check flags of Q_XQUOTARM call (bsc#1158652).
Patchnames: SUSE-2019-3316,SUSE-SLE-SERVER-12-SP4-2019-3316
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.5 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.2 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
4 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.7 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.3 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.7 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.6 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.5 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.4 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.4 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
5.1 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.8 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.7 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.7 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
4.3 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.6 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.7 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.6 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.6 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
6.8 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
4.6 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
4.6 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
References
299 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "The SUSE Linux Enterprise 12 SP4 kernel-azure was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2019-19051: There was a memory leak in the i2400m_op_rfkill_sw_toggle() function in drivers/net/wimax/i2400m/op-rfkill.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) (bnc#1159024).\n- CVE-2019-19338: There was an incomplete fix for Transaction Asynchronous Abort (TAA) (bnc#1158954).\n- CVE-2019-19332: There was an OOB memory write via kvm_dev_ioctl_get_cpuid (bnc#1158827).\n- CVE-2019-19537: There was a race condition bug that can be caused by a malicious USB device in the USB character device driver layer (bnc#1158904).\n- CVE-2019-19535: There was an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_fd.c driver (bnc#1158903).\n- CVE-2019-19527: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/hid/usbhid/hiddev.c driver (bnc#1158900).\n- CVE-2019-19526: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/nfc/pn533/usb.c driver (bnc#1158893).\n- CVE-2019-19533: There was an info-leak bug that can be caused by a malicious USB device in the drivers/media/usb/ttusb-dec/ttusb_dec.c driver (bnc#1158834).\n- CVE-2019-19532: There were multiple out-of-bounds write bugs that can be caused by a malicious USB device in the Linux kernel HID drivers (bnc#1158824).\n- CVE-2019-19523: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/adutux.c driver, aka CID-44efc269db79 (bnc#1158381 1158823 1158834).\n- CVE-2019-15213: There was a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver (bnc#1146544).\n- CVE-2019-19531: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/yurex.c driver (bnc#1158445).\n- CVE-2019-19543: There was a use-after-free in serial_ir_init_module() in drivers/media/rc/serial_ir.c (bnc#1158427).\n- CVE-2019-19525: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/net/ieee802154/atusb.c driver (bnc#1158417).\n- CVE-2019-19530: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/class/cdc-acm.c driver (bnc#1158410).\n- CVE-2019-19536: There was an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_pro.c driver (bnc#1158394).\n- CVE-2019-19524: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/input/ff-memless.c driver (bnc#1158413).\n- CVE-2019-19528: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/iowarrior.c driver (bnc#1158407).\n- CVE-2019-19534: There was an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_core.c driver (bnc#1158398).\n- CVE-2019-19529: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcba_usb.c driver (bnc#1158381).\n- CVE-2019-14901: A heap overflow flaw was found in the Linux kernel in Marvell WiFi chip driver. The vulnerability allowed a remote attacker to cause a system crash, resulting in a denial of service, or execute arbitrary code. The highest threat with this vulnerability is with the availability of the system. If code execution occurs, the code will run with the permissions of root. This will affect both confidentiality and integrity of files on the system (bnc#1157042).\n- CVE-2019-14895: A heap-based buffer overflow was discovered in the Linux kernel in Marvell WiFi chip driver. The flaw could occur when the station attempts a connection negotiation during the handling of the remote devices country settings. This could have allowed the remote device to cause a denial of service (system crash) or possibly execute arbitrary code (bnc#1157158).\n- CVE-2019-18660: The Linux kernel on powerpc allowed Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs. This is related to arch/powerpc/kernel/entry_64.S and arch/powerpc/kernel/security.c (bnc#1157038).\n- CVE-2019-18683: An issue was discovered in drivers/media/platform/vivid in the Linux kernel. It is exploitable for privilege escalation on some Linux distributions where local users have /dev/video0 access, but only if the driver happens to be loaded. There are multiple race conditions during streaming stopping in this driver (part of the V4L2 subsystem). These issues are caused by wrong mutex locking in vivid_stop_generating_vid_cap(), vivid_stop_generating_vid_out(), sdr_cap_stop_streaming(), and the corresponding kthreads. At least one of these race conditions leads to a use-after-free (bnc#1155897).\n- CVE-2019-18809: A memory leak in the af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) (bnc#1156258).\n- CVE-2019-19062: A memory leak in the crypto_report() function in crypto/crypto_user_base.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering crypto_report_alg() failures (bnc#1157333).\n- CVE-2019-19057: Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures (bnc#1157197).\n- CVE-2019-19056: A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures (bnc#1157197).\n- CVE-2019-19068: A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures (bnc#1157307).\n- CVE-2019-19063: Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) (bnc#1157298).\n- CVE-2019-19227: In the AppleTalk subsystem in the Linux kernel there was a potential NULL pointer dereference because register_snap_client may return NULL. This will lead to denial of service in net/appletalk/aarp.c and net/appletalk/ddp.c, as demonstrated by unregister_snap_client (bnc#1157678).\n- CVE-2019-19065: A memory leak in the sdma_init() function in drivers/infiniband/hw/hfi1/sdma.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering rhashtable_init() failures (bnc#1157191).\n- CVE-2019-19077: A memory leak in the bnxt_re_create_srq() function in drivers/infiniband/hw/bnxt_re/ib_verbs.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering copy to udata failures (bnc#1157171).\n- CVE-2019-19052: A memory leak in the gs_can_open() function in drivers/net/can/usb/gs_usb.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures (bnc#1157324).\n- CVE-2019-19067: Four memory leaks in the acp_hw_init() function in drivers/gpu/drm/amd/amdgpu/amdgpu_acp.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering mfd_add_hotplug_devices() or pm_genpd_add_device() failures (bsc#1157180).\n- CVE-2019-19060: A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) (bnc#1157178).\n- CVE-2019-19049: A memory leak in the unittest_data_add() function in drivers/of/unittest.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering of_fdt_unflatten_tree() failures (bsc#1157173).\n- CVE-2019-19075: A memory leak in the ca8210_probe() function in drivers/net/ieee802154/ca8210.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering ca8210_get_platform_data() failures (bnc#1157162).\n- CVE-2019-19058: A memory leak in the alloc_sgtable() function in drivers/net/wireless/intel/iwlwifi/fw/dbg.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering alloc_page() failures (bnc#1157145).\n- CVE-2019-19074: A memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ath/ath9k/wmi.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) (bnc#1157143).\n- CVE-2019-19073: Fixed memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c allowed attackers to cause a denial of service (memory consumption) by triggering wait_for_completion_timeout() failures (bnc#1157070).\n- CVE-2019-15916: An issue was discovered in the Linux kernel There was a memory leak in register_queue_kobjects() in net/core/net-sysfs.c, which will cause denial of service (bnc#1149448).\n- CVE-2019-0154: Insufficient access control in subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6 and E-2100 Processor Families may have allowed an authenticated user to potentially enable denial of service via local access (bnc#1135966).\n- CVE-2019-16231: drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 did not check the alloc_workqueue return value, leading to a NULL pointer dereference (bnc#1150466).\n\n\nThe following non-security bugs were fixed:\n\n- ACPI / APEI: Do not wait to serialise with oops messages when panic()ing (bsc#1051510).\n- ACPI / LPSS: Exclude I2C busses shared with PUNIT from pmc_atom_d3_mask (bsc#1051510).\n- ACPI / LPSS: Ignore acpi_device_fix_up_power() return value (bsc#1051510).\n- ACPI / SBS: Fix rare oops when removing modules (bsc#1051510).\n- ACPI: OSL: only free map once in osl.c (bsc#1051510).\n- ACPI: sysfs: Change ACPI_MASKABLE_GPE_MAX to 0x100 (bsc#1051510).\n- ACPICA: Never run _REG on system_memory and system_IO (bsc#1051510).\n- ACPICA: Use %d for signed int print formatting instead of %u (bsc#1051510).\n- ALSA: 6fire: Drop the dead code (git-fixes).\n- ALSA: bebob: fix to detect configured source of sampling clock for Focusrite Saffire Pro i/o series (git-fixes).\n- ALSA: cs4236: fix error return comparison of an unsigned integer (git-fixes).\n- ALSA: firewire-motu: Correct a typo in the clock proc string (git-fixes).\n- ALSA: hda - Add mute led support for HP ProBook 645 G4 (git-fixes).\n- ALSA: hda - Fix pending unsol events at shutdown (git-fixes).\n- ALSA: hda/hdmi - Add new pci ids for AMD GPU display audio (git-fixes).\n- ALSA: hda/hdmi - fix vgaswitcheroo detection for AMD (git-fixes).\n- ALSA: hda/intel: add CometLake PCI IDs (bsc#1156729).\n- ALSA: hda/realtek - Dell headphone has noise on unmute for ALC236 (git-fixes).\n- ALSA: hda/realtek - Move some alc236 pintbls to fallback table (git-fixes).\n- ALSA: hda/realtek - Move some alc256 pintbls to fallback table (git-fixes).\n- ALSA: hda: Add Cometlake-S PCI ID (git-fixes).\n- ALSA: i2c/cs8427: Fix int to char conversion (bsc#1051510).\n- ALSA: intel8x0m: Register irq handler after register initializations (bsc#1051510).\n- ALSA: pcm: Fix stream lock usage in snd_pcm_period_elapsed() (git-fixes).\n- ALSA: pcm: oss: Avoid potential buffer overflows (git-fixes).\n- ALSA: pcm: signedness bug in snd_pcm_plug_alloc() (bsc#1051510).\n- ALSA: seq: Do error checks at creating system ports (bsc#1051510).\n- ALSA: timer: Fix incorrectly assigned timer instance (git-fixes).\n- ALSA: usb-audio: Fix Focusrite Scarlett 6i6 gen1 - input handling (git-fixes).\n- ALSA: usb-audio: Fix missing error check at mixer resolution test (git-fixes).\n- ALSA: usb-audio: not submit urb for stopped endpoint (git-fixes).\n- ASoC: Intel: hdac_hdmi: Limit sampling rates at dai creation (bsc#1051510).\n- ASoC: compress: fix unsigned integer overflow check (bsc#1051510).\n- ASoC: davinci-mcasp: Handle return value of devm_kasprintf (stable 4.14.y).\n- ASoC: davinci: Kill BUG_ON() usage (stable 4.14.y).\n- ASoC: dpcm: Properly initialise hw-\u003erate_max (bsc#1051510).\n- ASoC: kirkwood: fix external clock probe defer (git-fixes).\n- ASoC: msm8916-wcd-analog: Fix RX1 selection in RDAC2 MUX (git-fixes).\n- ASoC: sgtl5000: avoid division by zero if lo_vag is zero (bsc#1051510).\n- ASoC: tegra_sgtl5000: fix device_node refcounting (bsc#1051510).\n- ASoC: tlv320aic31xx: Handle inverted BCLK in non-DSP modes (stable 4.14.y).\n- ASoC: tlv320dac31xx: mark expected switch fall-through (stable 4.14.y).\n- Bluetooth: Fix invalid-free in bcsp_close() (git-fixes).\n- Bluetooth: Fix memory leak in hci_connect_le_scan (bsc#1051510).\n- Bluetooth: L2CAP: Detect if remote is not able to use the whole MPS (bsc#1051510).\n- Bluetooth: btusb: fix PM leak in error case of setup (bsc#1051510).\n- Bluetooth: delete a stray unlock (bsc#1051510).\n- Bluetooth: hci_bcm: Handle specific unknown packets after firmware loading (bsc#1051510).\n- Bluetooth: hci_core: fix init for HCI_USER_CHANNEL (bsc#1051510).\n- Btrfs: fix log context list corruption after rename exchange operation (bsc#1156494).\n- CIFS: Fix SMB2 oplock break processing (bsc#1144333, bsc#1154355).\n- CIFS: Fix oplock handling for SMB 2.1+ protocols (bsc#1144333, bsc#1154355).\n- CIFS: Fix retry mid list corruption on reconnects (bsc#1144333, bsc#1154355).\n- CIFS: Fix use after free of file info structures (bsc#1144333, bsc#1154355).\n- CIFS: Force reval dentry if LOOKUP_REVAL flag is set (bsc#1144333, bsc#1154355).\n- CIFS: Force revalidate inode when dentry is stale (bsc#1144333, bsc#1154355).\n- CIFS: Gracefully handle QueryInfo errors during open (bsc#1144333, bsc#1154355).\n- CIFS: avoid using MID 0xFFFF (bsc#1144333, bsc#1154355).\n- CIFS: fix max ea value size (bsc#1144333, bsc#1154355).\n- Documentation: debugfs: Document debugfs helper for unsigned long values (git-fixes).\n- Documentation: x86: convert protection-keys.txt to reST (bsc#1078248).\n- EDAC/ghes: Fix Use after free in ghes_edac remove path (bsc#1114279).\n- EDAC/ghes: Fix locking and memory barrier issues (bsc#1114279). EDAC/ghes: Do not warn when incrementing refcount on 0 (bsc#1114279).\n- HID: Add ASUS T100CHI keyboard dock battery quirks (bsc#1051510).\n- HID: Add quirk for Microsoft PIXART OEM mouse (bsc#1051510).\n- HID: Fix assumption that devices have inputs (git-fixes).\n- HID: asus: Add T100CHI bluetooth keyboard dock special keys mapping (bsc#1051510).\n- HID: doc: fix wrong data structure reference for UHID_OUTPUT (bsc#1051510).\n- HID: intel-ish-hid: fixes incorrect error handling (bsc#1051510).\n- HID: wacom: generic: Treat serial number and related fields as unsigned (git-fixes).\n- Input: ff-memless - kill timer in destroy() (bsc#1051510).\n- Input: silead - try firmware reload after unsuccessful resume (bsc#1051510).\n- Input: st1232 - set INPUT_PROP_DIRECT property (bsc#1051510).\n- Input: synaptics-rmi4 - clear IRQ enables for F54 (bsc#1051510).\n- Input: synaptics-rmi4 - destroy F54 poller workqueue when removing (bsc#1051510).\n- Input: synaptics-rmi4 - disable the relative position IRQ in the F12 driver (bsc#1051510).\n- Input: synaptics-rmi4 - do not consume more data than we have (F11, F12) (bsc#1051510).\n- Input: synaptics-rmi4 - fix video buffer size (git-fixes).\n- KVM: SVM: Guard against DEACTIVATE when performing WBINVD/DF_FLUSH (bsc#1114279).\n- KVM: SVM: Serialize access to the SEV ASID bitmap (bsc#1114279).\n- KVM: VMX: Consider PID.PIR to determine if vCPU has pending interrupts (bsc#1158064).\n- KVM: VMX: Fix conditions for guest IA32_XSS support (bsc#1158065).\n- KVM: x86/mmu: Take slots_lock when using kvm_mmu_zap_all_fast() (bsc#1158067).\n- KVM: x86: Introduce vcpu-\u003earch.xsaves_enabled (bsc#1158066).\n- KVM: x86: Remove a spurious export of a static function (bsc#1158954).\n- NFC: nxp-nci: Fix NULL pointer dereference after I2C communication error (git-fixes).\n- PCI/ACPI: Correct error message for ASPM disabling (bsc#1051510).\n- PCI/MSI: Fix incorrect MSI-X masking on resume (bsc#1051510).\n- PCI/MSI: Return -ENOSPC from pci_alloc_irq_vectors_affinity() (bsc#1051510).\n- PCI/PME: Fix possible use-after-free on remove (git-fixes).\n- PCI/PTM: Remove spurious \u0027d\u0027 from granularity message (bsc#1051510).\n- PCI: Apply Cavium ACS quirk to ThunderX2 and ThunderX3 (bsc#1051510).\n- PCI: Fix Intel ACS quirk UPDCR register address (bsc#1051510).\n- PCI: dwc: Fix find_next_bit() usage (bsc#1051510).\n- PCI: rcar: Fix missing MACCTLR register setting in initialization sequence (bsc#1051510).\n- PCI: sysfs: Ignore lockdep for remove attribute (git-fixes).\n- PCI: tegra: Enable Relaxed Ordering only for Tegra20 \u0026 Tegra30 (git-fixes).\n- PM / AVS: SmartReflex: NULL check before some freeing functions is not needed (bsc#1051510).\n- PM / Domains: Deal with multiple states but no governor in genpd (bsc#1051510).\n- PM / devfreq: Check NULL governor in available_governors_show (git-fixes).\n- PM / devfreq: Lock devfreq in trans_stat_show (git-fixes).\n- PM / devfreq: exynos-bus: Correct clock enable sequence (bsc#1051510).\n- PM / devfreq: passive: Use non-devm notifiers (bsc#1051510).\n- PM / devfreq: passive: fix compiler warning (bsc#1051510).\n- PM / hibernate: Check the success of generating md5 digest before hibernation (bsc#1051510).\n- UAS: Revert commit 3ae62a42090f (\u0027UAS: fix alignment of scatter/gather segments\u0027).\n- USB: chaoskey: fix error case of a timeout (git-fixes).\n- USB: gadget: Reject endpoints with 0 maxpacket value (bsc#1051510).\n- USB: misc: appledisplay: fix backlight update_status return code (bsc#1051510).\n- USB: serial: ftdi_sio: add device IDs for U-Blox C099-F9P (bsc#1051510).\n- USB: serial: mos7720: fix remote wakeup (git-fixes).\n- USB: serial: mos7840: add USB ID to support Moxa UPort 2210 (bsc#1051510).\n- USB: serial: mos7840: fix remote wakeup (git-fixes).\n- USB: serial: option: add support for DW5821e with eSIM support (bsc#1051510).\n- USB: serial: option: add support for Foxconn T77W968 LTE modules (bsc#1051510).\n- USB: serial: whiteheat: fix line-speed endianness (bsc#1051510).\n- USBIP: add config dependency for SGL_ALLOC (git-fixes).\n- appledisplay: fix error handling in the scheduled work (git-fixes).\n- arm64: Update config files. (bsc#1156466) Enable HW_RANDOM_OMAP driver and mark driver omap-rng as supported.\n- ata: ep93xx: Use proper enums for directions (bsc#1051510).\n- ath10k: fix kernel panic by moving pci flush after napi_disable (bsc#1051510).\n- ath10k: fix vdev-start timeout on error (bsc#1051510).\n- ath10k: limit available channels via DT ieee80211-freq-limit (bsc#1051510).\n- ath10k: wmi: disable softirq\u0027s while calling ieee80211_rx (bsc#1051510).\n- ath6kl: Fix off by one error in scan completion (bsc#1051510).\n- ath9k: Fix a locking bug in ath9k_add_interface() (bsc#1051510).\n- ath9k: add back support for using active monitor interfaces for tx99 (bsc#1051510).\n- ath9k: fix reporting calculated new FFT upper max (bsc#1051510).\n- ath9k: fix tx99 with monitor mode interface (bsc#1051510).\n- ath9k_hw: fix uninitialized variable data (bsc#1051510).\n- atl1e: checking the status of atl1e_write_phy_reg (bsc#1051510).\n- audit: Allow auditd to set pid to 0 to end auditing (bsc#1158094).\n- ax88172a: fix information leak on short answers (bsc#1051510).\n- backlight: lm3639: Unconditionally call led_classdev_unregister (bsc#1051510).\n- bpf: Make use of probe_user_write in probe write helper (bsc#1083647).\n- brcmfmac: fix full timeout waiting for action frame on-channel tx (bsc#1051510).\n- brcmfmac: reduce timeout for action frame scan (bsc#1051510).\n- brcmsmac: AP mode: update beacon when TIM changes (bsc#1051510).\n- brcmsmac: never log \u0027tid x is not agg\u0027able\u0027 by default (bsc#1051510).\n- can: c_can: D_CAN: c_can_chip_config(): perform a sofware reset on open (bsc#1051510).\n- can: c_can: c_can_poll(): only read status register after status IRQ (git-fixes).\n- can: mcba_usb: fix use-after-free on disconnect (git-fixes).\n- can: peak_usb: fix a potential out-of-sync while decoding packets (git-fixes).\n- can: peak_usb: fix slab info leak (git-fixes).\n- can: peak_usb: report bus recovery as well (bsc#1051510).\n- can: rx-offload: can_rx_offload_irq_offload_fifo(): continue on error (bsc#1051510).\n- can: rx-offload: can_rx_offload_irq_offload_timestamp(): continue on error (bsc#1051510).\n- can: rx-offload: can_rx_offload_offload_one(): do not increase the skb_queue beyond skb_queue_len_max (git-fixes).\n- can: rx-offload: can_rx_offload_offload_one(): increment rx_fifo_errors on queue overflow or OOM (bsc#1051510).\n- can: rx-offload: can_rx_offload_offload_one(): use ERR_PTR() to propagate error value in case of errors (bsc#1051510).\n- can: rx-offload: can_rx_offload_queue_sorted(): fix error handling, avoid skb mem leak (git-fixes).\n- can: rx-offload: can_rx_offload_queue_tail(): fix error handling, avoid skb mem leak (git-fixes).\n- can: usb_8dev: fix use-after-free on disconnect (git-fixes).\n- ceph: add missing check in d_revalidate snapdir handling (bsc#1157183).\n- ceph: do not try to handle hashed dentries in non-O_CREAT atomic_open (bsc#1157184).\n- ceph: fix use-after-free in __ceph_remove_cap() (bsc#1154058).\n- ceph: just skip unrecognized info in ceph_reply_info_extra (bsc#1157182).\n- cfg80211: Avoid regulatory restore when COUNTRY_IE_IGNORE is set (bsc#1051510).\n- cfg80211: Prevent regulatory restore during STA disconnect in concurrent interfaces (bsc#1051510).\n- cfg80211: call disconnect_wk when AP stops (bsc#1051510).\n- cgroup,writeback: do not switch wbs immediately on dead wbs if the memcg is dead (bsc#1158645).\n- cifs: Fix cifsInodeInfo lock_sem deadlock when reconnect occurs (bsc#1144333, bsc#1154355).\n- cifs: Fix missed free operations (bsc#1144333, bsc#1154355).\n- cifs: Use kzfree() to zero out the password (bsc#1144333, bsc#1154355).\n- cifs: add a helper to find an existing readable handle to a file (bsc#1144333, bsc#1154355).\n- cifs: create a helper to find a writeable handle by path name (bsc#1144333, bsc#1154355).\n- cifs: move cifsFileInfo_put logic into a work-queue (bsc#1144333, bsc#1154355).\n- cifs: prepare SMB2_Flush to be usable in compounds (bsc#1144333, bsc#1154355).\n- cifs: set domainName when a domain-key is used in multiuser (bsc#1144333, bsc#1154355).\n- cifs: use cifsInodeInfo-\u003eopen_file_lock while iterating to avoid a panic (bsc#1144333, bsc#1154355).\n- cifs: use existing handle for compound_op(OP_SET_INFO) when possible (bsc#1144333, bsc#1154355).\n- clk: at91: avoid sleeping early (git-fixes).\n- clk: pxa: fix one of the pxa RTC clocks (bsc#1051510).\n- clk: samsung: Use clk_hw API for calling clk framework from clk notifiers (bsc#1051510).\n- clk: samsung: exynos5420: Preserve CPU clocks configuration during suspend/resume (bsc#1051510).\n- clk: samsung: exynos5420: Preserve PLL configuration during suspend/resume (git-fixes).\n- clk: sunxi-ng: a80: fix the zero\u0027ing of bits 16 and 18 (git-fixes).\n- clocksource/drivers/sh_cmt: Fix clocksource width for 32-bit machines (bsc#1051510).\n- clocksource/drivers/sh_cmt: Fixup for 64-bit machines (bsc#1051510).\n- compat_ioctl: handle SIOCOUTQNSD (bsc#1051510).\n- component: fix loop condition to call unbind() if bind() fails (bsc#1051510).\n- cpufreq/pasemi: fix use-after-free in pas_cpufreq_cpu_init() (bsc#1051510).\n- cpufreq: Skip cpufreq resume if it\u0027s not suspended (bsc#1051510).\n- cpufreq: intel_pstate: Register when ACPI PCCH is present (bsc#1051510).\n- cpufreq: powernv: fix stack bloat and hard limit on number of CPUs (bsc#1051510).\n- cpufreq: ti-cpufreq: add missing of_node_put() (bsc#1051510).\n- cpupower : Fix cpupower working when cpu0 is offline (bsc#1051510).\n- cpupower : frequency-set -r option misses the last cpu in related cpu list (bsc#1051510).\n- cpupower: Fix coredump on VMWare (bsc#1051510).\n- crypto: af_alg - cast ki_complete ternary op to int (bsc#1051510).\n- crypto: crypto4xx - fix double-free in crypto4xx_destroy_sdr (bsc#1051510).\n- crypto: ecdh - fix big endian bug in ECC library (bsc#1051510).\n- crypto: fix a memory leak in rsa-kcs1pad\u0027s encryption mode (bsc#1051510).\n- crypto: geode-aes - switch to skcipher for cbc(aes) fallback (bsc#1051510).\n- crypto: mxc-scc - fix build warnings on ARM64 (bsc#1051510).\n- crypto: mxs-dcp - Fix AES issues (bsc#1051510).\n- crypto: mxs-dcp - Fix SHA null hashes and output length (bsc#1051510).\n- crypto: mxs-dcp - make symbols \u0027sha1_null_hash\u0027 and \u0027sha256_null_hash\u0027 static (bsc#1051510).\n- crypto: s5p-sss: Fix Fix argument list alignment (bsc#1051510).\n- crypto: tgr192 - remove unneeded semicolon (bsc#1051510).\n- cw1200: Fix a signedness bug in cw1200_load_firmware() (bsc#1051510).\n- cxgb4: fix panic when attaching to ULD fail (networking-stable-19_11_05).\n- dccp: do not leak jiffies on the wire (networking-stable-19_11_05).\n- dlm: do not leak kernel pointer to userspace (bsc#1051510).\n- dlm: fix invalid free (bsc#1051510).\n- dmaengine: dma-jz4780: Do not depend on MACH_JZ4780 (bsc#1051510).\n- dmaengine: dma-jz4780: Further residue status fix (bsc#1051510).\n- dmaengine: ep93xx: Return proper enum in ep93xx_dma_chan_direction (bsc#1051510).\n- dmaengine: imx-sdma: fix use-after-free on probe error path (bsc#1051510).\n- dmaengine: rcar-dmac: set scatter/gather max segment size (bsc#1051510).\n- dmaengine: timb_dma: Use proper enum in td_prep_slave_sg (bsc#1051510).\n- docs: move protection-keys.rst to the core-api book (bsc#1078248).\n- drivers/base/platform.c: kmemleak ignore a known leak (bsc#1051510).\n- drivers/regulator: fix a missing check of return value (bsc#1051510).\n- drm/amdgpu: fix bad DMA from INTERRUPT_CNTL2 (bsc#1114279)\n- drm/etnaviv: fix dumping of iommuv2 (bsc#1113722)\n- drm/omap: fix max fclk divider for omap36xx (bsc#1113722)\n- drm/radeon: fix bad DMA from INTERRUPT_CNTL2 (git-fixes).\n- drm/radeon: fix si_enable_smc_cac() failed issue (bsc#1113722)\n- drm/rockchip: Round up _before_ giving to the clock framework (bsc#1114279)\n- drm: panel-lvds: Potential Oops in probe error handling (bsc#1114279)\n- e1000e: Drop unnecessary __E1000_DOWN bit twiddling (bsc#1158049).\n- e1000e: Use dev_get_drvdata where possible (bsc#1158049).\n- e1000e: Use rtnl_lock to prevent race conditions between net and pci/pm (bsc#1158049).\n- ecryptfs_lookup_interpose(): lower_dentry-\u003ed_inode is not stable (bsc#1158646).\n- ecryptfs_lookup_interpose(): lower_dentry-\u003ed_parent is not stable either (bsc#1158647).\n- ext4: fix punch hole for inline_data file systems (bsc#1158640).\n- ext4: update direct I/O read lock pattern for IOCB_NOWAIT (bsc#1158639).\n- extcon: cht-wc: Return from default case to avoid warnings (bsc#1051510).\n- fbdev: sbuslib: integer overflow in sbusfb_ioctl_helper() (bsc#1051510).\n- fbdev: sbuslib: use checked version of put_user() (bsc#1051510).\n- sctp: Fixed regression (bsc#1158082).\n- ftrace: Introduce PERMANENT ftrace_ops flag (bsc#1120853).\n- gpio: mpc8xxx: Do not overwrite default irq_set_type callback (bsc#1051510).\n- gpio: syscon: Fix possible NULL ptr usage (bsc#1051510).\n- gpiolib: acpi: Add Terra Pad 1061 to the run_edge_events_on_boot_blacklist (bsc#1051510).\n- gsmi: Fix bug in append_to_eventlog sysfs handler (bsc#1051510).\n- hwmon: (ina3221) Fix INA3221_CONFIG_MODE macros (bsc#1051510).\n- hwmon: (pwm-fan) Silence error on probe deferral (bsc#1051510).\n- hwrng: omap - Fix RNG wait loop timeout (bsc#1051510).\n- hwrng: omap3-rom - Call clk_disable_unprepare() on exit only if not idled (bsc#1051510).\n- hwrng: stm32 - fix unbalanced pm_runtime_enable (bsc#1051510).\n- hypfs: Fix error number left in struct pointer member (bsc#1051510).\n- ibmvnic: Bound waits for device queries (bsc#1155689 ltc#182047).\n- ibmvnic: Bound waits for device queries (bsc#1155689 ltc#182047).\n- ibmvnic: Fix completion structure initialization (bsc#1155689 ltc#182047).\n- ibmvnic: Fix completion structure initialization (bsc#1155689 ltc#182047).\n- ibmvnic: Serialize device queries (bsc#1155689 ltc#182047).\n- ibmvnic: Serialize device queries (bsc#1155689 ltc#182047).\n- ibmvnic: Terminate waiting device threads after loss of service (bsc#1155689 ltc#182047).\n- ibmvnic: Terminate waiting device threads after loss of service (bsc#1155689 ltc#182047).\n- idr: Fix idr_alloc_u32 on 32-bit systems (bsc#1051510).\n- iio: adc: max9611: explicitly cast gain_selectors (bsc#1051510).\n- iio: adc: stm32-adc: fix stopping dma (git-fixes).\n- iio: dac: mcp4922: fix error handling in mcp4922_write_raw (bsc#1051510).\n- iio: imu: adis16480: assign bias value only if operation succeeded (git-fixes).\n- iio: imu: adis16480: make sure provided frequency is positive (git-fixes).\n- iio: imu: adis: assign read val in debugfs hook only if op successful (git-fixes).\n- iio: imu: adis: assign value only if return code zero in read funcs (git-fixes).\n- include/linux/bitrev.h: fix constant bitrev (bsc#1114279).\n- inet: stop leaking jiffies on the wire (networking-stable-19_11_05).\n- intel_th: Fix a double put_device() in error path (git-fixes).\n- iomap: Fix pipe page leakage during splicing (bsc#1158651).\n- iommu/vt-d: Fix QI_DEV_IOTLB_PFSID and QI_DEV_EIOTLB_PFSID macros (bsc#1158063).\n- ipmi:dmi: Ignore IPMI SMBIOS entries with a zero base address (bsc#1051510).\n- ipv4: Return -ENETUNREACH if we can\u0027t create route but saddr is valid (networking-stable-19_10_24).\n- iwlwifi: api: annotate compressed BA notif array sizes (bsc#1051510).\n- iwlwifi: check kasprintf() return value (bsc#1051510).\n- iwlwifi: exclude GEO SAR support for 3168 (git-fixes).\n- iwlwifi: mvm: avoid sending too many BARs (bsc#1051510).\n- iwlwifi: mvm: do not send keys when entering D3 (bsc#1051510).\n- kABI workaround for ath10k last_wmi_vdev_start_status field (bsc#1051510).\n- kABI workaround for struct mwifiex_power_cfg change (bsc#1051510).\n- kABI: Fix for \u0027KVM: x86: Introduce vcpu-\u003earch.xsaves_enabled\u0027 (bsc#1158066).\n- lib/scatterlist: Fix chaining support in sgl_alloc_order() (git-fixes).\n- lib/scatterlist: Introduce sgl_alloc() and sgl_free() (git-fixes).\n- liquidio: fix race condition in instruction completion processing (bsc#1051510).\n- livepatch: Allow to distinguish different version of system state changes (bsc#1071995).\n- livepatch: Basic API to track system state changes (bsc#1071995 ).\n- livepatch: Keep replaced patches until post_patch callback is called (bsc#1071995).\n- livepatch: Selftests of the API for tracking system state changes (bsc#1071995).\n- loop: add ioctl for changing logical block size (bsc#1108043).\n- loop: fix no-unmap write-zeroes request behavior (bsc#1158637).\n- mISDN: Fix type of switch control variable in ctrl_teimanager (bsc#1051510).\n- mac80211: consider QoS Null frames for STA_NULLFUNC_ACKED (bsc#1051510).\n- mac80211: fix station inactive_time shortly after boot (bsc#1051510).\n- mac80211: minstrel: fix CCK rate group streams value (bsc#1051510).\n- mac80211: minstrel: fix sampling/reporting of CCK rates in HT mode (bsc#1051510).\n- macvlan: schedule bc_work even if error (bsc#1051510).\n- mailbox: mailbox-test: fix null pointer if no mmio (bsc#1051510).\n- mailbox: reset txdone_method TXDONE_BY_POLL if client knows_txdone (git-fixes).\n- media: au0828: Fix incorrect error messages (bsc#1051510).\n- media: bdisp: fix memleak on release (git-fixes).\n- media: cxusb: detect cxusb_ctrl_msg error in query (bsc#1051510).\n- media: davinci: Fix implicit enum conversion warning (bsc#1051510).\n- media: exynos4-is: Fix recursive locking in isp_video_release() (git-fixes).\n- media: fix: media: pci: meye: validate offset to avoid arbitrary access (bsc#1051510).\n- media: flexcop-usb: ensure -EIO is returned on error condition (git-fixes).\n- media: imon: invalid dereference in imon_touch_event (bsc#1051510).\n- media: isif: fix a NULL pointer dereference bug (bsc#1051510).\n- media: ov6650: Fix control handler not freed on init error (git-fixes).\n- media: pci: ivtv: Fix a sleep-in-atomic-context bug in ivtv_yuv_init() (bsc#1051510).\n- media: pxa_camera: Fix check for pdev-\u003edev.of_node (bsc#1051510).\n- media: radio: wl1273: fix interrupt masking on release (git-fixes).\n- media: ti-vpe: vpe: Fix Motion Vector vpdma stride (git-fixes).\n- media: usbvision: Fix races among open, close, and disconnect (bsc#1051510).\n- media: uvcvideo: Fix error path in control parsing failure (git-fixes).\n- media: v4l2-ctrl: fix flags for DO_WHITE_BALANCE (bsc#1051510).\n- media: vim2m: Fix abort issue (git-fixes).\n- media: vivid: Set vid_cap_streaming and vid_out_streaming to true (bsc#1051510).\n- mei: bus: prefix device names on bus with the bus name (bsc#1051510).\n- mei: fix modalias documentation (git-fixes).\n- mei: samples: fix a signedness bug in amt_host_if_call() (bsc#1051510).\n- mfd: intel-lpss: Add default I2C device properties for Gemini Lake (bsc#1051510).\n- mfd: max8997: Enale irq-wakeup unconditionally (bsc#1051510).\n- mfd: mc13xxx-core: Fix PMIC shutdown when reading ADC values (bsc#1051510).\n- mfd: palmas: Assign the right powerhold mask for tps65917 (git-fixes).\n- mfd: ti_am335x_tscadc: Keep ADC interface on if child is wakeup capable (bsc#1051510).\n- mlx5: add parameter to disable enhanced IPoIB (bsc#1142095)\n- mm, memory_hotplug: do not clear numa_node association after hot_remove (bnc#1115026).\n- mm, thp: Do not make page table dirty unconditionally in touch_p[mu]d() (git fixes (mm/gup)).\n- mm/compaction.c: clear total_{migrate,free}_scanned before scanning a new zone (git fixes (mm/compaction)).\n- mm/debug.c: PageAnon() is true for PageKsm() pages (git fixes (mm/debug)).\n- mmc: core: fix wl1251 sdio quirks (git-fixes).\n- mmc: host: omap_hsmmc: add code for special init of wl1251 to get rid of pandora_wl1251_init_card (git-fixes).\n- mmc: mediatek: fix cannot receive new request when msdc_cmd_is_ready fail (bsc#1051510).\n- mmc: sdhci-esdhc-imx: correct the fix of ERR004536 (git-fixes).\n- mmc: sdhci-of-at91: fix quirk2 overwrite (git-fixes).\n- mmc: sdio: fix wl1251 vendor id (git-fixes).\n- moduleparam: fix parameter description mismatch (bsc#1051510).\n- mt7601u: fix bbp version check in mt7601u_wait_bbp_ready (bsc#1051510).\n- mtd: nand: mtk: fix incorrect register setting order about ecc irq.\n- mtd: spear_smi: Fix Write Burst mode (bsc#1051510).\n- mtd: spi-nor: fix silent truncation in spi_nor_read() (bsc#1051510).\n- mwifiex: Fix NL80211_TX_POWER_LIMITED (bsc#1051510).\n- mwifiex: debugfs: correct histogram spacing, formatting (bsc#1051510).\n- mwifiex: fix potential NULL dereference and use after free (bsc#1051510).\n- nbd: prevent memory leak (bsc#1158638).\n- net/ibmvnic: Fix typo in retry check (bsc#1155689 ltc#182047).\n- net/ibmvnic: Ignore H_FUNCTION return from H_EOI to tolerate XIVE mode (bsc#1089644, ltc#166495, ltc#165544, git-fixes).\n- net/mlx4_core: Dynamically set guaranteed amount of counters per VF (networking-stable-19_11_05).\n- net/mlx5e: Fix handling of compressed CQEs in case of low NAPI budget (networking-stable-19_11_05).\n- net/smc: Fix error path in smc_init (git-fixes).\n- net/smc: avoid fallback in case of non-blocking connect (git-fixes).\n- net/smc: fix closing of fallback SMC sockets (git-fixes).\n- net/smc: fix ethernet interface refcounting (git-fixes).\n- net/smc: fix refcounting for non-blocking connect() (git-fixes).\n- net/smc: keep vlan_id for SMC-R in smc_listen_work() (git-fixes).\n- net: Zeroing the structure ethtool_wolinfo in ethtool_get_wol() (networking-stable-19_11_05).\n- net: add READ_ONCE() annotation in __skb_wait_for_more_packets() (networking-stable-19_11_05).\n- net: add skb_queue_empty_lockless() (networking-stable-19_11_05).\n- net: annotate accesses to sk-\u003esk_incoming_cpu (networking-stable-19_11_05).\n- net: annotate lockless accesses to sk-\u003esk_napi_id (networking-stable-19_11_05).\n- net: avoid potential infinite loop in tc_ctl_action() (networking-stable-19_10_24).\n- net: bcmgenet: Fix RGMII_MODE_EN value for GENET v1/2/3 (networking-stable-19_10_24).\n- net: bcmgenet: Set phydev-\u003edev_flags only for internal PHYs (networking-stable-19_10_24).\n- net: bcmgenet: reset 40nm EPHY on energy detect (networking-stable-19_11_05).\n- net: dsa: b53: Do not clear existing mirrored port mask (networking-stable-19_11_05).\n- net: dsa: bcm_sf2: Fix IMP setup for port different than 8 (networking-stable-19_11_05).\n- net: dsa: fix switch tree list (networking-stable-19_11_05).\n- net: ethernet: ftgmac100: Fix DMA coherency issue with SW checksum (networking-stable-19_11_05).\n- net: fix sk_page_frag() recursion from memory reclaim (networking-stable-19_11_05).\n- net: hisilicon: Fix ping latency when deal with high throughput (networking-stable-19_11_05).\n- net: phy: Check against net_device being NULL (bsc#1051510).\n- net: phy: Fix not to call phy_resume() if PHY is not attached (bsc#1051510).\n- net: phy: Fix the register offsets in Broadcom iProc mdio mux driver (bsc#1051510).\n- net: phy: at803x: Change error to EINVAL for invalid MAC (bsc#1051510).\n- net: phy: broadcom: Use strlcpy() for ethtool::get_strings (bsc#1051510).\n- net: phy: dp83867: Set up RGMII TX delay (bsc#1051510).\n- net: phy: fixed_phy: Fix fixed_phy not checking GPIO (bsc#1051510).\n- net: phy: marvell: Use strlcpy() for ethtool::get_strings (bsc#1051510).\n- net: phy: marvell: clear wol event before setting it (bsc#1051510).\n- net: phy: meson-gxl: check phy_write return value (bsc#1051510).\n- net: phy: micrel: Use strlcpy() for ethtool::get_strings (bsc#1051510).\n- net: phy: mscc: read \u0027vsc8531, edge-slowdown\u0027 as an u32 (bsc#1051510).\n- net: phy: mscc: read \u0027vsc8531,vddmac\u0027 as an u32 (bsc#1051510).\n- net: phy: xgene: disable clk on error paths (bsc#1051510).\n- net: phy: xgmiitorgmii: Check phy_driver ready before accessing (bsc#1051510).\n- net: phy: xgmiitorgmii: Check read_status results (bsc#1051510).\n- net: phy: xgmiitorgmii: Support generic PHY status read (bsc#1051510).\n- net: stmmac: disable/enable ptp_ref_clk in suspend/resume flow (networking-stable-19_10_24).\n- net: use skb_queue_empty_lockless() in busy poll contexts (networking-stable-19_11_05).\n- net: use skb_queue_empty_lockless() in poll() handlers (networking-stable-19_11_05).\n- net: wireless: ti: remove local VENDOR_ID and DEVICE_ID definitions (git-fixes).\n- net: wireless: ti: wl1251 use new SDIO_VENDOR_ID_TI_WL1251 definition (git-fixes).\n- netns: fix GFP flags in rtnl_net_notifyid() (networking-stable-19_11_05).\n- nfc: netlink: fix double device reference drop (git-fixes).\n- nfc: port100: handle command failure cleanly (git-fixes).\n- nl80211: Fix a GET_KEY reply attribute (bsc#1051510).\n- ocfs2: fix panic due to ocfs2_wq is null (bsc#1158644).\n- ocfs2: fix passing zero to \u0027PTR_ERR\u0027 warning (bsc#1158649).\n- openvswitch: fix flow command message size (git-fixes).\n- padata: use smp_mb in padata_reorder to avoid orphaned padata jobs (git-fixes).\n- phy: phy-twl4030-usb: fix denied runtime access (git-fixes).\n- pinctl: ti: iodelay: fix error checking on pinctrl_count_index_with_args call (git-fixes).\n- pinctrl: at91: do not use the same irqchip with multiple gpiochips (git-fixes).\n- pinctrl: cherryview: Allocate IRQ chip dynamic (git-fixes).\n- pinctrl: lewisburg: Update pin list according to v1.1v6 (bsc#1051510).\n- pinctrl: lpc18xx: Use define directive for PIN_CONFIG_GPIO_PIN_INT (bsc#1051510).\n- pinctrl: qcom: spmi-gpio: fix gpio-hog related boot issues (bsc#1051510).\n- pinctrl: samsung: Fix device node refcount leaks in S3C24xx wakeup controller init (bsc#1051510).\n- pinctrl: samsung: Fix device node refcount leaks in S3C64xx wakeup controller init (bsc#1051510).\n- pinctrl: samsung: Fix device node refcount leaks in init code (bsc#1051510).\n- pinctrl: sunxi: Fix a memory leak in \u0027sunxi_pinctrl_build_state()\u0027 (bsc#1051510).\n- pinctrl: xway: fix gpio-hog related boot issues (bsc#1051510).\n- pinctrl: zynq: Use define directive for PIN_CONFIG_IO_STANDARD (bsc#1051510).\n- pktcdvd: remove warning on attempting to register non-passthrough dev (bsc#1051510).\n- platform/x86: hp-wmi: Fix ACPI errors caused by passing 0 as input size (bsc#1051510).\n- platform/x86: hp-wmi: Fix ACPI errors caused by too small buffer (bsc#1051510).\n- power: reset: at91-poweroff: do not procede if at91_shdwc is allocated (bsc#1051510).\n- power: supply: ab8500_fg: silence uninitialized variable warnings (bsc#1051510).\n- power: supply: max14656: fix potential use-after-free (bsc#1051510).\n- power: supply: twl4030_charger: disable eoc interrupt on linear charge (bsc#1051510).\n- power: supply: twl4030_charger: fix charging current out-of-bounds (bsc#1051510).\n- powerpc/64: Make meltdown reporting Book3S 64 specific (bsc#1091041).\n- powerpc/book3s64/hash: Use secondary hash for bolted mapping if the primary is full (bsc#1157778 ltc#182520).\n- powerpc/bpf: Fix tail call implementation (bsc#1157698).\n- powerpc/pseries/mobility: notify network peers after migration (bsc#1152631 ltc#181798).\n- powerpc/pseries: Do not fail hash page table insert for bolted mapping (bsc#1157778 ltc#182520).\n- powerpc/pseries: Do not opencode HPTE_V_BOLTED (bsc#1157778 ltc#182520).\n- powerpc/pseries: address checkpatch warnings in dlpar_offline_cpu (bsc#1156700 ltc#182459).\n- powerpc/pseries: safely roll back failed DLPAR cpu add (bsc#1156700 ltc#182459).\n- powerpc/security/book3s64: Report L1TF status in sysfs (bsc#1091041).\n- powerpc/security: Fix wrong message when RFI Flush is disable (bsc#1131107).\n- powerpc/xive: Prevent page fault issues in the machine crash handler (bsc#1156882 ltc#182435).\n- ppdev: fix PPGETTIME/PPSETTIME ioctls (bsc#1051510).\n- printk: Export console_printk (bsc#1071995).\n- pwm: Clear chip_data in pwm_put() (bsc#1051510).\n- pwm: bcm-iproc: Prevent unloading the driver module while in use (git-fixes).\n- pwm: clps711x: Fix period calculation (bsc#1051510).\n- pwm: lpss: Only set update bit if we are actually changing the settings (bsc#1051510).\n- r8152: add device id for Lenovo ThinkPad USB-C Dock Gen 2 (networking-stable-19_11_05).\n- regulator: ab8500: Remove AB8505 USB regulator (bsc#1051510).\n- regulator: ab8500: Remove SYSCLKREQ from enum ab8505_regulator_id (bsc#1051510).\n- regulator: tps65910: fix a missing check of return value (bsc#1051510).\n- remoteproc: Check for NULL firmwares in sysfs interface (git-fixes).\n- reset: Fix potential use-after-free in __of_reset_control_get() (bsc#1051510).\n- reset: fix of_reset_simple_xlate kerneldoc comment (bsc#1051510).\n- reset: fix reset_control_get_exclusive kerneldoc comment (bsc#1051510).\n- reset: fix reset_control_ops kerneldoc comment (bsc#1051510).\n- rpm/kernel-binary.spec.in: add COMPRESS_VMLINUX (bnc#1155921) Let COMPRESS_VMLINUX determine the compression used for vmlinux. By default (historically), it is gz.\n- rpm/kernel-source.spec.in: Fix dependency of kernel-devel (bsc#1154043)\n- rt2800: remove errornous duplicate condition (git-fixes).\n- rtl8187: Fix warning generated when strncpy() destination length matches the sixe argument (bsc#1051510).\n- rtl818x: fix potential use after free (bsc#1051510).\n- rtlwifi: Remove unnecessary NULL check in rtl_regd_init (bsc#1051510).\n- rtlwifi: rtl8192de: Fix misleading REG_MCUFWDL information (bsc#1051510).\n- rtlwifi: rtl8192de: Fix missing code to retrieve RX buffer address (bsc#1051510).\n- rtlwifi: rtl8192de: Fix missing enable interrupt flag (bsc#1051510).\n- s390/bpf: fix lcgr instruction encoding (bsc#1051510).\n- s390/bpf: use 32-bit index for tail calls (bsc#1051510).\n- s390/cio: avoid calling strlen on null pointer (bsc#1051510).\n- s390/cio: exclude subchannels with no parent from pseudo check (bsc#1051510).\n- s390/cmm: fix information leak in cmm_timeout_handler() (bsc#1051510).\n- s390/idle: fix cpu idle time calculation (bsc#1051510).\n- s390/mm: properly clear _PAGE_NOEXEC bit when it is not supported (bsc#1051510).\n- s390/process: avoid potential reading of freed stack (bsc#1051510).\n- s390/qdio: (re-)initialize tiqdio list entries (bsc#1051510).\n- s390/qdio: do not touch the dsci in tiqdio_add_input_queues() (bsc#1051510).\n- s390/qeth: return proper errno on IO error (bsc#1051510).\n- s390/setup: fix boot crash for machine without EDAT-1 (bsc#1051510 bsc#1140948).\n- s390/setup: fix early warning messages (bsc#1051510 bsc#1140948).\n- s390/topology: avoid firing events before kobjs are created (bsc#1051510).\n- s390: fix stfle zero padding (bsc#1051510).\n- sc16is7xx: Fix for \u0027Unexpected interrupt: 8\u0027 (bsc#1051510).\n- sched/fair: WARN() and refuse to set buddy when !se-\u003eon_rq (bsc#1158132).\n- scsi: lpfc: Fix Oops in nvme_register with target logout/login (bsc#1151900).\n- scsi: lpfc: Honor module parameter lpfc_use_adisc (bsc#1153628).\n- scsi: lpfc: Limit xri count for kdump environment (bsc#1154124).\n- scsi: qla2xxx: Add debug dump of LOGO payload and ELS IOCB (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).\n- scsi: qla2xxx: Added support for MPI and PEP regions for ISP28XX (bsc#1157424, bsc#1157908, bsc#1157169, bsc#1151548).\n- scsi: qla2xxx: Allow PLOGI in target mode (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).\n- scsi: qla2xxx: Change discovery state before PLOGI (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).\n- scsi: qla2xxx: Configure local loop for N2N target (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).\n- scsi: qla2xxx: Correctly retrieve and interpret active flash region (bsc#1157424, bsc#1157908, bsc#1157169, bsc#1151548).\n- scsi: qla2xxx: Do command completion on abort timeout (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).\n- scsi: qla2xxx: Do not call qlt_async_event twice (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).\n- scsi: qla2xxx: Do not defer relogin unconditonally (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).\n- scsi: qla2xxx: Drop superfluous INIT_WORK of del_work (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).\n- scsi: qla2xxx: Fix PLOGI payload and ELS IOCB dump length (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).\n- scsi: qla2xxx: Fix SRB leak on switch command timeout (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).\n- scsi: qla2xxx: Fix a dma_pool_free() call (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).\n- scsi: qla2xxx: Fix device connect issues in P2P configuration (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).\n- scsi: qla2xxx: Fix double scsi_done for abort path (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).\n- scsi: qla2xxx: Fix driver unload hang (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).\n- scsi: qla2xxx: Fix incorrect SFUB length used for Secure Flash Update MB Cmd (bsc#1157424, bsc#1157908, bsc#1157169, bsc#1151548).\n- scsi: qla2xxx: Fix memory leak when sending I/O fails (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).\n- scsi: qla2xxx: Fix qla2x00_request_irqs() for MSI (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).\n- scsi: qla2xxx: Ignore NULL pointer in tcm_qla2xxx_free_mcmd (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).\n- scsi: qla2xxx: Ignore PORT UPDATE after N2N PLOGI (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).\n- scsi: qla2xxx: Initialize free_work before flushing it (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).\n- scsi: qla2xxx: Remove an include directive (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).\n- scsi: qla2xxx: Retry PLOGI on FC-NVMe PRLI failure (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).\n- scsi: qla2xxx: Send Notify ACK after N2N PLOGI (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).\n- scsi: qla2xxx: Update driver version to 10.01.00.21-k (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).\n- scsi: qla2xxx: Use explicit LOGO in target mode (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).\n- scsi: qla2xxx: do not use zero for FC4_PRIORITY_NVME (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).\n- scsi: qla2xxx: fix rports not being mark as lost in sync fabric scan (bsc#1138039).\n- scsi: qla2xxx: initialize fc4_type_priority (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).\n- scsi: qla2xxx: unregister ports after GPN_FT failure (bsc#1138039).\n- scsi: sd: Ignore a failure to sync cache due to lack of authorization (git-fixes).\n- scsi: storvsc: Add ability to change scsi queue depth (bsc#1155021).\n- scsi: zfcp: fix request object use-after-free in send path causing wrong traces (bsc#1051510).\n- sctp: change sctp_prot .no_autobind with true (networking-stable-19_10_24).\n- selftests: net: reuseport_dualstack: fix uninitalized parameter (networking-stable-19_11_05).\n- serial: fix kernel-doc warning in comments (bsc#1051510).\n- serial: max310x: Fix tx_empty() callback (bsc#1051510).\n- serial: mctrl_gpio: Check for NULL pointer (bsc#1051510).\n- serial: mxs-auart: Fix potential infinite loop (bsc#1051510).\n- serial: samsung: Enable baud clock for UART reset procedure in resume (bsc#1051510).\n- serial: uartlite: fix exit path null pointer (bsc#1051510).\n- serial: uartps: Fix suspend functionality (bsc#1051510).\n- signal: Properly set TRACE_SIGNAL_LOSE_INFO in __send_signal (bsc#1157463).\n- slcan: Fix memory leak in error path (bsc#1051510).\n- slip: Fix memory leak in slip_open error path (bsc#1051510).\n- slip: Fix use-after-free Read in slip_open (bsc#1051510).\n- smb3: Incorrect size for netname negotiate context (bsc#1144333, bsc#1154355).\n- smb3: fix leak in \u0027open on server\u0027 perf counter (bsc#1144333, bsc#1154355).\n- smb3: fix signing verification of large reads (bsc#1144333, bsc#1154355).\n- smb3: fix unmount hang in open_shroot (bsc#1144333, bsc#1154355).\n- smb3: improve handling of share deleted (and share recreated) (bsc#1144333, bsc#1154355).\n- soc: imx: gpc: fix PDN delay (bsc#1051510).\n- soc: qcom: wcnss_ctrl: Avoid string overflow (bsc#1051510).\n- spi: atmel: Fix CS high support (bsc#1051510).\n- spi: atmel: fix handling of cs_change set on non-last xfer (bsc#1051510).\n- spi: fsl-lpspi: Prevent FIFO under/overrun by default (bsc#1051510).\n- spi: mediatek: Do not modify spi_transfer when transfer (bsc#1051510).\n- spi: mediatek: use correct mata-\u003exfer_len when in fifo transfer (bsc#1051510).\n- spi: omap2-mcspi: Fix DMA and FIFO event trigger size mismatch (bsc#1051510).\n- spi: omap2-mcspi: Set FIFO DMA trigger level to word length (bsc#1051510).\n- spi: pic32: Use proper enum in dmaengine_prep_slave_rg (bsc#1051510).\n- spi: rockchip: initialize dma_slave_config properly (bsc#1051510).\n- spi: spidev: Fix OF tree warning logic (bsc#1051510).\n- staging: rtl8188eu: fix null dereference when kzalloc fails (bsc#1051510).\n- staging: rtl8192e: fix potential use after free (bsc#1051510).\n- staging: rtl8723bs: Add 024c:0525 to the list of SDIO device-ids (bsc#1051510).\n- staging: rtl8723bs: Drop ACPI device ids (bsc#1051510).\n- stm class: Fix a double free of stm_source_device (bsc#1051510).\n- supported.conf:\n- synclink_gt(): fix compat_ioctl() (bsc#1051510).\n- tcp_nv: fix potential integer overflow in tcpnv_acked (bsc#1051510).\n- thermal: Fix deadlock in thermal thermal_zone_device_check (bsc#1051510).\n- thunderbolt: Fix lockdep circular locking depedency warning (git-fixes).\n- tipc: Avoid copying bytes beyond the supplied data (bsc#1051510).\n- tipc: check bearer name with right length in tipc_nl_compat_bearer_enable (bsc#1051510).\n- tipc: check link name with right length in tipc_nl_compat_link_set (bsc#1051510).\n- tipc: check msg-\u003ereq data len in tipc_nl_compat_bearer_disable (bsc#1051510).\n- tipc: compat: allow tipc commands without arguments (bsc#1051510).\n- tipc: fix a missing check of genlmsg_put (bsc#1051510).\n- tipc: fix link name length check (bsc#1051510).\n- tipc: fix memory leak in tipc_nl_compat_publ_dump (bsc#1051510).\n- tipc: fix skb may be leaky in tipc_link_input (bsc#1051510).\n- tipc: fix tipc_mon_delete() oops in tipc_enable_bearer() error path (bsc#1051510).\n- tipc: fix wrong timeout input for tipc_wait_for_cond() (bsc#1051510).\n- tipc: handle the err returned from cmd header function (bsc#1051510).\n- tipc: pass tunnel dev as NULL to udp_tunnel(6)_xmit_skb (bsc#1051510).\n- tipc: tipc clang warning (bsc#1051510).\n- tpm: add check after commands attribs tab allocation (bsc#1051510).\n- tracing: Get trace_array reference for available_tracers files (bsc#1156429).\n- tty: serial: fsl_lpuart: use the sg count from dma_map_sg (bsc#1051510).\n- tty: serial: imx: use the sg count from dma_map_sg (bsc#1051510).\n- tty: serial: msm_serial: Fix flow control (bsc#1051510).\n- tty: serial: pch_uart: correct usage of dma_unmap_sg (bsc#1051510).\n- uaccess: Add non-pagefault user-space write function (bsc#1083647).\n- ubifs: Correctly initialize c-\u003emin_log_bytes (bsc#1158641).\n- ubifs: Limit the number of pages in shrink_liability (bsc#1158643).\n- udp: use skb_queue_empty_lockless() (networking-stable-19_11_05).\n- usb-serial: cp201x: support Mark-10 digital force gauge (bsc#1051510).\n- usb-storage: Revert commit 747668dbc061 (\u0027usb-storage: Set virt_boundary_mask to avoid SG overflows\u0027) (bsc#1051510).\n- usb: chipidea: Fix otg event handler (bsc#1051510).\n- usb: chipidea: imx: enable OTG overcurrent in case USB subsystem is already started (bsc#1051510).\n- usb: dwc3: gadget: Check ENBLSLPM before sending ep command (bsc#1051510).\n- usb: gadget: udc: fotg210-udc: Fix a sleep-in-atomic-context bug in fotg210_get_status() (bsc#1051510).\n- usb: gadget: uvc: Factor out video USB request queueing (bsc#1051510).\n- usb: gadget: uvc: Only halt video streaming endpoint in bulk mode (bsc#1051510).\n- usb: gadget: uvc: configfs: Drop leaked references to config items (bsc#1051510).\n- usb: gadget: uvc: configfs: Prevent format changes after linking header (bsc#1051510).\n- usb: handle warm-reset port requests on hub resume (bsc#1051510).\n- usb: xhci-mtk: fix ISOC error when interval is zero (bsc#1051510).\n- usbip: Fix free of unallocated memory in vhci tx (git-fixes).\n- usbip: Fix vhci_urb_enqueue() URB null transfer buffer error path (git-fixes).\n- usbip: Implement SG support to vhci-hcd and stub driver (git-fixes).\n- usbip: tools: fix fd leakage in the function of read_attr_usbip_status (git-fixes).\n- vfio-ccw: Fix misleading comment when setting orb.cmd.c64 (bsc#1051510).\n- vfio-ccw: Set pa_nr to 0 if memory allocation fails for pa_iova_pfn (bsc#1051510).\n- vfio: ccw: push down unsupported IDA check (bsc#1156471 LTC#182362).\n- vfs: fix preadv64v2 and pwritev64v2 compat syscalls with offset == -1 (bsc#1051510).\n- video/hdmi: Fix AVI bar unpack (git-fixes).\n- video: backlight: Add devres versions of of_find_backlight (bsc#1090888) Taken for 6010831dde5.\n- video: backlight: Add of_find_backlight helper in backlight.c (bsc#1090888) Taken for 6010831dde5.\n- virtio/s390: fix race on airq_areas (bsc#1051510).\n- virtio_console: allocate inbufs in add_port() only if it is needed (git-fixes).\n- virtio_ring: fix return code on DMA mapping fails (git-fixes).\n- vmxnet3: turn off lro when rxcsum is disabled (bsc#1157499).\n- vsock/virtio: fix sock refcnt holding during the shutdown (git-fixes).\n- watchdog: meson: Fix the wrong value of left time (bsc#1051510).\n- watchdog: sama5d4: fix WDD value to be always set to max (bsc#1051510).\n- x86/alternatives: Add int3_emulate_call() selftest (bsc#1153811).\n- x86/alternatives: Fix int3_emulate_call() selftest stack corruption (bsc#1153811).\n- x86/mm/pkeys: Fix typo in Documentation/x86/protection-keys.txt (bsc#1078248).\n- x86/pkeys: Update documentation about availability (bsc#1078248).\n- x86/resctrl: Fix potential lockdep warning (bsc#1114279).\n- x86/resctrl: Prevent NULL pointer dereference when reading mondata (bsc#1114279).\n- x86/speculation/taa: Fix printing of TAA_MSG_SMT on IBRS_ALL CPUs (bsc#1158068).\n- x86/speculation: Fix incorrect MDS/TAA mitigation status (bsc#1114279).\n- x86/speculation: Fix redundant MDS mitigation message (bsc#1114279).\n- xfrm: Fix xfrm sel prefix length validation (git-fixes).\n- xfrm: fix sa selector validation (bsc#1156609).\n- xfs: Sanity check flags of Q_XQUOTARM call (bsc#1158652).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-3316,SUSE-SLE-SERVER-12-SP4-2019-3316",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_3316-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:3316-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193316-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:3316-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2019-December/006267.html"
},
{
"category": "self",
"summary": "SUSE Bug 1048942",
"url": "https://bugzilla.suse.com/1048942"
},
{
"category": "self",
"summary": "SUSE Bug 1051510",
"url": "https://bugzilla.suse.com/1051510"
},
{
"category": "self",
"summary": "SUSE Bug 1071995",
"url": "https://bugzilla.suse.com/1071995"
},
{
"category": "self",
"summary": "SUSE Bug 1078248",
"url": "https://bugzilla.suse.com/1078248"
},
{
"category": "self",
"summary": "SUSE Bug 1082635",
"url": "https://bugzilla.suse.com/1082635"
},
{
"category": "self",
"summary": "SUSE Bug 1083647",
"url": "https://bugzilla.suse.com/1083647"
},
{
"category": "self",
"summary": "SUSE Bug 1089644",
"url": "https://bugzilla.suse.com/1089644"
},
{
"category": "self",
"summary": "SUSE Bug 1090888",
"url": "https://bugzilla.suse.com/1090888"
},
{
"category": "self",
"summary": "SUSE Bug 1091041",
"url": "https://bugzilla.suse.com/1091041"
},
{
"category": "self",
"summary": "SUSE Bug 1108043",
"url": "https://bugzilla.suse.com/1108043"
},
{
"category": "self",
"summary": "SUSE Bug 1113722",
"url": "https://bugzilla.suse.com/1113722"
},
{
"category": "self",
"summary": "SUSE Bug 1114279",
"url": "https://bugzilla.suse.com/1114279"
},
{
"category": "self",
"summary": "SUSE Bug 1115026",
"url": "https://bugzilla.suse.com/1115026"
},
{
"category": "self",
"summary": "SUSE Bug 1117169",
"url": "https://bugzilla.suse.com/1117169"
},
{
"category": "self",
"summary": "SUSE Bug 1120853",
"url": "https://bugzilla.suse.com/1120853"
},
{
"category": "self",
"summary": "SUSE Bug 1131107",
"url": "https://bugzilla.suse.com/1131107"
},
{
"category": "self",
"summary": "SUSE Bug 1135966",
"url": "https://bugzilla.suse.com/1135966"
},
{
"category": "self",
"summary": "SUSE Bug 1138039",
"url": "https://bugzilla.suse.com/1138039"
},
{
"category": "self",
"summary": "SUSE Bug 1140948",
"url": "https://bugzilla.suse.com/1140948"
},
{
"category": "self",
"summary": "SUSE Bug 1142095",
"url": "https://bugzilla.suse.com/1142095"
},
{
"category": "self",
"summary": "SUSE Bug 1143706",
"url": "https://bugzilla.suse.com/1143706"
},
{
"category": "self",
"summary": "SUSE Bug 1144333",
"url": "https://bugzilla.suse.com/1144333"
},
{
"category": "self",
"summary": "SUSE Bug 1146519",
"url": "https://bugzilla.suse.com/1146519"
},
{
"category": "self",
"summary": "SUSE Bug 1146544",
"url": "https://bugzilla.suse.com/1146544"
},
{
"category": "self",
"summary": "SUSE Bug 1149448",
"url": "https://bugzilla.suse.com/1149448"
},
{
"category": "self",
"summary": "SUSE Bug 1150466",
"url": "https://bugzilla.suse.com/1150466"
},
{
"category": "self",
"summary": "SUSE Bug 1151548",
"url": "https://bugzilla.suse.com/1151548"
},
{
"category": "self",
"summary": "SUSE Bug 1151900",
"url": "https://bugzilla.suse.com/1151900"
},
{
"category": "self",
"summary": "SUSE Bug 1152631",
"url": "https://bugzilla.suse.com/1152631"
},
{
"category": "self",
"summary": "SUSE Bug 1153628",
"url": "https://bugzilla.suse.com/1153628"
},
{
"category": "self",
"summary": "SUSE Bug 1153811",
"url": "https://bugzilla.suse.com/1153811"
},
{
"category": "self",
"summary": "SUSE Bug 1154043",
"url": "https://bugzilla.suse.com/1154043"
},
{
"category": "self",
"summary": "SUSE Bug 1154058",
"url": "https://bugzilla.suse.com/1154058"
},
{
"category": "self",
"summary": "SUSE Bug 1154124",
"url": "https://bugzilla.suse.com/1154124"
},
{
"category": "self",
"summary": "SUSE Bug 1154355",
"url": "https://bugzilla.suse.com/1154355"
},
{
"category": "self",
"summary": "SUSE Bug 1154526",
"url": "https://bugzilla.suse.com/1154526"
},
{
"category": "self",
"summary": "SUSE Bug 1155021",
"url": "https://bugzilla.suse.com/1155021"
},
{
"category": "self",
"summary": "SUSE Bug 1155689",
"url": "https://bugzilla.suse.com/1155689"
},
{
"category": "self",
"summary": "SUSE Bug 1155897",
"url": "https://bugzilla.suse.com/1155897"
},
{
"category": "self",
"summary": "SUSE Bug 1155921",
"url": "https://bugzilla.suse.com/1155921"
},
{
"category": "self",
"summary": "SUSE Bug 1156258",
"url": "https://bugzilla.suse.com/1156258"
},
{
"category": "self",
"summary": "SUSE Bug 1156429",
"url": "https://bugzilla.suse.com/1156429"
},
{
"category": "self",
"summary": "SUSE Bug 1156466",
"url": "https://bugzilla.suse.com/1156466"
},
{
"category": "self",
"summary": "SUSE Bug 1156471",
"url": "https://bugzilla.suse.com/1156471"
},
{
"category": "self",
"summary": "SUSE Bug 1156494",
"url": "https://bugzilla.suse.com/1156494"
},
{
"category": "self",
"summary": "SUSE Bug 1156609",
"url": "https://bugzilla.suse.com/1156609"
},
{
"category": "self",
"summary": "SUSE Bug 1156700",
"url": "https://bugzilla.suse.com/1156700"
},
{
"category": "self",
"summary": "SUSE Bug 1156729",
"url": "https://bugzilla.suse.com/1156729"
},
{
"category": "self",
"summary": "SUSE Bug 1156882",
"url": "https://bugzilla.suse.com/1156882"
},
{
"category": "self",
"summary": "SUSE Bug 1157038",
"url": "https://bugzilla.suse.com/1157038"
},
{
"category": "self",
"summary": "SUSE Bug 1157042",
"url": "https://bugzilla.suse.com/1157042"
},
{
"category": "self",
"summary": "SUSE Bug 1157070",
"url": "https://bugzilla.suse.com/1157070"
},
{
"category": "self",
"summary": "SUSE Bug 1157143",
"url": "https://bugzilla.suse.com/1157143"
},
{
"category": "self",
"summary": "SUSE Bug 1157145",
"url": "https://bugzilla.suse.com/1157145"
},
{
"category": "self",
"summary": "SUSE Bug 1157158",
"url": "https://bugzilla.suse.com/1157158"
},
{
"category": "self",
"summary": "SUSE Bug 1157162",
"url": "https://bugzilla.suse.com/1157162"
},
{
"category": "self",
"summary": "SUSE Bug 1157169",
"url": "https://bugzilla.suse.com/1157169"
},
{
"category": "self",
"summary": "SUSE Bug 1157171",
"url": "https://bugzilla.suse.com/1157171"
},
{
"category": "self",
"summary": "SUSE Bug 1157173",
"url": "https://bugzilla.suse.com/1157173"
},
{
"category": "self",
"summary": "SUSE Bug 1157178",
"url": "https://bugzilla.suse.com/1157178"
},
{
"category": "self",
"summary": "SUSE Bug 1157180",
"url": "https://bugzilla.suse.com/1157180"
},
{
"category": "self",
"summary": "SUSE Bug 1157182",
"url": "https://bugzilla.suse.com/1157182"
},
{
"category": "self",
"summary": "SUSE Bug 1157183",
"url": "https://bugzilla.suse.com/1157183"
},
{
"category": "self",
"summary": "SUSE Bug 1157184",
"url": "https://bugzilla.suse.com/1157184"
},
{
"category": "self",
"summary": "SUSE Bug 1157191",
"url": "https://bugzilla.suse.com/1157191"
},
{
"category": "self",
"summary": "SUSE Bug 1157193",
"url": "https://bugzilla.suse.com/1157193"
},
{
"category": "self",
"summary": "SUSE Bug 1157197",
"url": "https://bugzilla.suse.com/1157197"
},
{
"category": "self",
"summary": "SUSE Bug 1157298",
"url": "https://bugzilla.suse.com/1157298"
},
{
"category": "self",
"summary": "SUSE Bug 1157307",
"url": "https://bugzilla.suse.com/1157307"
},
{
"category": "self",
"summary": "SUSE Bug 1157324",
"url": "https://bugzilla.suse.com/1157324"
},
{
"category": "self",
"summary": "SUSE Bug 1157333",
"url": "https://bugzilla.suse.com/1157333"
},
{
"category": "self",
"summary": "SUSE Bug 1157424",
"url": "https://bugzilla.suse.com/1157424"
},
{
"category": "self",
"summary": "SUSE Bug 1157463",
"url": "https://bugzilla.suse.com/1157463"
},
{
"category": "self",
"summary": "SUSE Bug 1157499",
"url": "https://bugzilla.suse.com/1157499"
},
{
"category": "self",
"summary": "SUSE Bug 1157678",
"url": "https://bugzilla.suse.com/1157678"
},
{
"category": "self",
"summary": "SUSE Bug 1157698",
"url": "https://bugzilla.suse.com/1157698"
},
{
"category": "self",
"summary": "SUSE Bug 1157778",
"url": "https://bugzilla.suse.com/1157778"
},
{
"category": "self",
"summary": "SUSE Bug 1157908",
"url": "https://bugzilla.suse.com/1157908"
},
{
"category": "self",
"summary": "SUSE Bug 1158049",
"url": "https://bugzilla.suse.com/1158049"
},
{
"category": "self",
"summary": "SUSE Bug 1158063",
"url": "https://bugzilla.suse.com/1158063"
},
{
"category": "self",
"summary": "SUSE Bug 1158064",
"url": "https://bugzilla.suse.com/1158064"
},
{
"category": "self",
"summary": "SUSE Bug 1158065",
"url": "https://bugzilla.suse.com/1158065"
},
{
"category": "self",
"summary": "SUSE Bug 1158066",
"url": "https://bugzilla.suse.com/1158066"
},
{
"category": "self",
"summary": "SUSE Bug 1158067",
"url": "https://bugzilla.suse.com/1158067"
},
{
"category": "self",
"summary": "SUSE Bug 1158068",
"url": "https://bugzilla.suse.com/1158068"
},
{
"category": "self",
"summary": "SUSE Bug 1158082",
"url": "https://bugzilla.suse.com/1158082"
},
{
"category": "self",
"summary": "SUSE Bug 1158094",
"url": "https://bugzilla.suse.com/1158094"
},
{
"category": "self",
"summary": "SUSE Bug 1158132",
"url": "https://bugzilla.suse.com/1158132"
},
{
"category": "self",
"summary": "SUSE Bug 1158381",
"url": "https://bugzilla.suse.com/1158381"
},
{
"category": "self",
"summary": "SUSE Bug 1158394",
"url": "https://bugzilla.suse.com/1158394"
},
{
"category": "self",
"summary": "SUSE Bug 1158398",
"url": "https://bugzilla.suse.com/1158398"
},
{
"category": "self",
"summary": "SUSE Bug 1158407",
"url": "https://bugzilla.suse.com/1158407"
},
{
"category": "self",
"summary": "SUSE Bug 1158410",
"url": "https://bugzilla.suse.com/1158410"
},
{
"category": "self",
"summary": "SUSE Bug 1158413",
"url": "https://bugzilla.suse.com/1158413"
},
{
"category": "self",
"summary": "SUSE Bug 1158417",
"url": "https://bugzilla.suse.com/1158417"
},
{
"category": "self",
"summary": "SUSE Bug 1158427",
"url": "https://bugzilla.suse.com/1158427"
},
{
"category": "self",
"summary": "SUSE Bug 1158445",
"url": "https://bugzilla.suse.com/1158445"
},
{
"category": "self",
"summary": "SUSE Bug 1158637",
"url": "https://bugzilla.suse.com/1158637"
},
{
"category": "self",
"summary": "SUSE Bug 1158638",
"url": "https://bugzilla.suse.com/1158638"
},
{
"category": "self",
"summary": "SUSE Bug 1158639",
"url": "https://bugzilla.suse.com/1158639"
},
{
"category": "self",
"summary": "SUSE Bug 1158640",
"url": "https://bugzilla.suse.com/1158640"
},
{
"category": "self",
"summary": "SUSE Bug 1158641",
"url": "https://bugzilla.suse.com/1158641"
},
{
"category": "self",
"summary": "SUSE Bug 1158643",
"url": "https://bugzilla.suse.com/1158643"
},
{
"category": "self",
"summary": "SUSE Bug 1158644",
"url": "https://bugzilla.suse.com/1158644"
},
{
"category": "self",
"summary": "SUSE Bug 1158645",
"url": "https://bugzilla.suse.com/1158645"
},
{
"category": "self",
"summary": "SUSE Bug 1158646",
"url": "https://bugzilla.suse.com/1158646"
},
{
"category": "self",
"summary": "SUSE Bug 1158647",
"url": "https://bugzilla.suse.com/1158647"
},
{
"category": "self",
"summary": "SUSE Bug 1158649",
"url": "https://bugzilla.suse.com/1158649"
},
{
"category": "self",
"summary": "SUSE Bug 1158651",
"url": "https://bugzilla.suse.com/1158651"
},
{
"category": "self",
"summary": "SUSE Bug 1158652",
"url": "https://bugzilla.suse.com/1158652"
},
{
"category": "self",
"summary": "SUSE Bug 1158823",
"url": "https://bugzilla.suse.com/1158823"
},
{
"category": "self",
"summary": "SUSE Bug 1158824",
"url": "https://bugzilla.suse.com/1158824"
},
{
"category": "self",
"summary": "SUSE Bug 1158827",
"url": "https://bugzilla.suse.com/1158827"
},
{
"category": "self",
"summary": "SUSE Bug 1158834",
"url": "https://bugzilla.suse.com/1158834"
},
{
"category": "self",
"summary": "SUSE Bug 1158893",
"url": "https://bugzilla.suse.com/1158893"
},
{
"category": "self",
"summary": "SUSE Bug 1158900",
"url": "https://bugzilla.suse.com/1158900"
},
{
"category": "self",
"summary": "SUSE Bug 1158903",
"url": "https://bugzilla.suse.com/1158903"
},
{
"category": "self",
"summary": "SUSE Bug 1158904",
"url": "https://bugzilla.suse.com/1158904"
},
{
"category": "self",
"summary": "SUSE Bug 1158954",
"url": "https://bugzilla.suse.com/1158954"
},
{
"category": "self",
"summary": "SUSE Bug 1159024",
"url": "https://bugzilla.suse.com/1159024"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-0154 page",
"url": "https://www.suse.com/security/cve/CVE-2019-0154/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-14895 page",
"url": "https://www.suse.com/security/cve/CVE-2019-14895/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-14901 page",
"url": "https://www.suse.com/security/cve/CVE-2019-14901/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-15213 page",
"url": "https://www.suse.com/security/cve/CVE-2019-15213/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-15916 page",
"url": "https://www.suse.com/security/cve/CVE-2019-15916/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-16231 page",
"url": "https://www.suse.com/security/cve/CVE-2019-16231/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-18660 page",
"url": "https://www.suse.com/security/cve/CVE-2019-18660/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-18683 page",
"url": "https://www.suse.com/security/cve/CVE-2019-18683/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-18809 page",
"url": "https://www.suse.com/security/cve/CVE-2019-18809/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19049 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19049/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19051 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19051/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19052 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19052/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19056 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19056/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19057 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19057/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19058 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19058/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19060 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19060/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19062 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19062/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19063 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19065 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19065/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19067 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19067/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19068 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19068/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19073 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19073/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19074 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19074/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19075 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19075/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19077 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19077/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19227 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19227/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19332 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19332/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19338 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19338/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19523 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19523/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19524 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19524/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19525 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19525/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19526 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19526/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19527 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19527/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19528 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19528/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19529 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19529/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19530 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19530/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19531 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19531/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19532 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19532/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19533 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19533/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19534 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19534/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19535 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19535/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19536 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19536/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19537 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19537/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19543 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19543/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2019-12-17T12:07:58Z",
"generator": {
"date": "2019-12-17T12:07:58Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:3316-1",
"initial_release_date": "2019-12-17T12:07:58Z",
"revision_history": [
{
"date": "2019-12-17T12:07:58Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-azure-4.12.14-6.34.1.noarch",
"product": {
"name": "kernel-devel-azure-4.12.14-6.34.1.noarch",
"product_id": "kernel-devel-azure-4.12.14-6.34.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-azure-4.12.14-6.34.1.noarch",
"product": {
"name": "kernel-source-azure-4.12.14-6.34.1.noarch",
"product_id": "kernel-source-azure-4.12.14-6.34.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-azure-4.12.14-6.34.1.x86_64",
"product": {
"name": "cluster-md-kmp-azure-4.12.14-6.34.1.x86_64",
"product_id": "cluster-md-kmp-azure-4.12.14-6.34.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-azure-4.12.14-6.34.1.x86_64",
"product": {
"name": "dlm-kmp-azure-4.12.14-6.34.1.x86_64",
"product_id": "dlm-kmp-azure-4.12.14-6.34.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-azure-4.12.14-6.34.1.x86_64",
"product": {
"name": "gfs2-kmp-azure-4.12.14-6.34.1.x86_64",
"product_id": "gfs2-kmp-azure-4.12.14-6.34.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-4.12.14-6.34.1.x86_64",
"product": {
"name": "kernel-azure-4.12.14-6.34.1.x86_64",
"product_id": "kernel-azure-4.12.14-6.34.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-base-4.12.14-6.34.1.x86_64",
"product": {
"name": "kernel-azure-base-4.12.14-6.34.1.x86_64",
"product_id": "kernel-azure-base-4.12.14-6.34.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-devel-4.12.14-6.34.1.x86_64",
"product": {
"name": "kernel-azure-devel-4.12.14-6.34.1.x86_64",
"product_id": "kernel-azure-devel-4.12.14-6.34.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-extra-4.12.14-6.34.1.x86_64",
"product": {
"name": "kernel-azure-extra-4.12.14-6.34.1.x86_64",
"product_id": "kernel-azure-extra-4.12.14-6.34.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-kgraft-devel-4.12.14-6.34.1.x86_64",
"product": {
"name": "kernel-azure-kgraft-devel-4.12.14-6.34.1.x86_64",
"product_id": "kernel-azure-kgraft-devel-4.12.14-6.34.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-azure-4.12.14-6.34.1.x86_64",
"product": {
"name": "kernel-syms-azure-4.12.14-6.34.1.x86_64",
"product_id": "kernel-syms-azure-4.12.14-6.34.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-azure-4.12.14-6.34.1.x86_64",
"product": {
"name": "kselftests-kmp-azure-4.12.14-6.34.1.x86_64",
"product_id": "kselftests-kmp-azure-4.12.14-6.34.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-azure-4.12.14-6.34.1.x86_64",
"product": {
"name": "ocfs2-kmp-azure-4.12.14-6.34.1.x86_64",
"product_id": "ocfs2-kmp-azure-4.12.14-6.34.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-4.12.14-6.34.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64"
},
"product_reference": "kernel-azure-4.12.14-6.34.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-base-4.12.14-6.34.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64"
},
"product_reference": "kernel-azure-base-4.12.14-6.34.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-4.12.14-6.34.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64"
},
"product_reference": "kernel-azure-devel-4.12.14-6.34.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-4.12.14-6.34.1.noarch as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch"
},
"product_reference": "kernel-devel-azure-4.12.14-6.34.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-4.12.14-6.34.1.noarch as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch"
},
"product_reference": "kernel-source-azure-4.12.14-6.34.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-4.12.14-6.34.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
},
"product_reference": "kernel-syms-azure-4.12.14-6.34.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-4.12.14-6.34.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64"
},
"product_reference": "kernel-azure-4.12.14-6.34.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-base-4.12.14-6.34.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64"
},
"product_reference": "kernel-azure-base-4.12.14-6.34.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-4.12.14-6.34.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64"
},
"product_reference": "kernel-azure-devel-4.12.14-6.34.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-4.12.14-6.34.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch"
},
"product_reference": "kernel-devel-azure-4.12.14-6.34.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-4.12.14-6.34.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch"
},
"product_reference": "kernel-source-azure-4.12.14-6.34.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-4.12.14-6.34.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
},
"product_reference": "kernel-syms-azure-4.12.14-6.34.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-0154",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-0154"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient access control in subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6 and E-2100 Processor Families may allow an authenticated user to potentially enable denial of service via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-0154",
"url": "https://www.suse.com/security/cve/CVE-2019-0154"
},
{
"category": "external",
"summary": "SUSE Bug 1135966 for CVE-2019-0154",
"url": "https://bugzilla.suse.com/1135966"
},
{
"category": "external",
"summary": "SUSE Bug 1181720 for CVE-2019-0154",
"url": "https://bugzilla.suse.com/1181720"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-17T12:07:58Z",
"details": "important"
}
],
"title": "CVE-2019-0154"
},
{
"cve": "CVE-2019-14895",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-14895"
}
],
"notes": [
{
"category": "general",
"text": "A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The flaw could occur when the station attempts a connection negotiation during the handling of the remote devices country settings. This could allow the remote device to cause a denial of service (system crash) or possibly execute arbitrary code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-14895",
"url": "https://www.suse.com/security/cve/CVE-2019-14895"
},
{
"category": "external",
"summary": "SUSE Bug 1157042 for CVE-2019-14895",
"url": "https://bugzilla.suse.com/1157042"
},
{
"category": "external",
"summary": "SUSE Bug 1157158 for CVE-2019-14895",
"url": "https://bugzilla.suse.com/1157158"
},
{
"category": "external",
"summary": "SUSE Bug 1173100 for CVE-2019-14895",
"url": "https://bugzilla.suse.com/1173100"
},
{
"category": "external",
"summary": "SUSE Bug 1173660 for CVE-2019-14895",
"url": "https://bugzilla.suse.com/1173660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-17T12:07:58Z",
"details": "important"
}
],
"title": "CVE-2019-14895"
},
{
"cve": "CVE-2019-14901",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-14901"
}
],
"notes": [
{
"category": "general",
"text": "A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The vulnerability allows a remote attacker to cause a system crash, resulting in a denial of service, or execute arbitrary code. The highest threat with this vulnerability is with the availability of the system. If code execution occurs, the code will run with the permissions of root. This will affect both confidentiality and integrity of files on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-14901",
"url": "https://www.suse.com/security/cve/CVE-2019-14901"
},
{
"category": "external",
"summary": "SUSE Bug 1157042 for CVE-2019-14901",
"url": "https://bugzilla.suse.com/1157042"
},
{
"category": "external",
"summary": "SUSE Bug 1173661 for CVE-2019-14901",
"url": "https://bugzilla.suse.com/1173661"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-17T12:07:58Z",
"details": "important"
}
],
"title": "CVE-2019-14901"
},
{
"cve": "CVE-2019-15213",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-15213"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-15213",
"url": "https://www.suse.com/security/cve/CVE-2019-15213"
},
{
"category": "external",
"summary": "SUSE Bug 1146519 for CVE-2019-15213",
"url": "https://bugzilla.suse.com/1146519"
},
{
"category": "external",
"summary": "SUSE Bug 1146544 for CVE-2019-15213",
"url": "https://bugzilla.suse.com/1146544"
},
{
"category": "external",
"summary": "SUSE Bug 1158381 for CVE-2019-15213",
"url": "https://bugzilla.suse.com/1158381"
},
{
"category": "external",
"summary": "SUSE Bug 1158834 for CVE-2019-15213",
"url": "https://bugzilla.suse.com/1158834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-17T12:07:58Z",
"details": "moderate"
}
],
"title": "CVE-2019-15213"
},
{
"cve": "CVE-2019-15916",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-15916"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 5.0.1. There is a memory leak in register_queue_kobjects() in net/core/net-sysfs.c, which will cause denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-15916",
"url": "https://www.suse.com/security/cve/CVE-2019-15916"
},
{
"category": "external",
"summary": "SUSE Bug 1149448 for CVE-2019-15916",
"url": "https://bugzilla.suse.com/1149448"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-17T12:07:58Z",
"details": "low"
}
],
"title": "CVE-2019-15916"
},
{
"cve": "CVE-2019-16231",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-16231"
}
],
"notes": [
{
"category": "general",
"text": "drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-16231",
"url": "https://www.suse.com/security/cve/CVE-2019-16231"
},
{
"category": "external",
"summary": "SUSE Bug 1150466 for CVE-2019-16231",
"url": "https://bugzilla.suse.com/1150466"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-17T12:07:58Z",
"details": "moderate"
}
],
"title": "CVE-2019-16231"
},
{
"cve": "CVE-2019-18660",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-18660"
}
],
"notes": [
{
"category": "general",
"text": "The Linux kernel before 5.4.1 on powerpc allows Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs, aka CID-39e72bf96f58. This is related to arch/powerpc/kernel/entry_64.S and arch/powerpc/kernel/security.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-18660",
"url": "https://www.suse.com/security/cve/CVE-2019-18660"
},
{
"category": "external",
"summary": "SUSE Bug 1157038 for CVE-2019-18660",
"url": "https://bugzilla.suse.com/1157038"
},
{
"category": "external",
"summary": "SUSE Bug 1157923 for CVE-2019-18660",
"url": "https://bugzilla.suse.com/1157923"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-17T12:07:58Z",
"details": "moderate"
}
],
"title": "CVE-2019-18660"
},
{
"cve": "CVE-2019-18683",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-18683"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. It is exploitable for privilege escalation on some Linux distributions where local users have /dev/video0 access, but only if the driver happens to be loaded. There are multiple race conditions during streaming stopping in this driver (part of the V4L2 subsystem). These issues are caused by wrong mutex locking in vivid_stop_generating_vid_cap(), vivid_stop_generating_vid_out(), sdr_cap_stop_streaming(), and the corresponding kthreads. At least one of these race conditions leads to a use-after-free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-18683",
"url": "https://www.suse.com/security/cve/CVE-2019-18683"
},
{
"category": "external",
"summary": "SUSE Bug 1155897 for CVE-2019-18683",
"url": "https://bugzilla.suse.com/1155897"
},
{
"category": "external",
"summary": "SUSE Bug 1173868 for CVE-2019-18683",
"url": "https://bugzilla.suse.com/1173868"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-17T12:07:58Z",
"details": "important"
}
],
"title": "CVE-2019-18683"
},
{
"cve": "CVE-2019-18809",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-18809"
}
],
"notes": [
{
"category": "general",
"text": "A memory leak in the af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-2289adbfa559.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-18809",
"url": "https://www.suse.com/security/cve/CVE-2019-18809"
},
{
"category": "external",
"summary": "SUSE Bug 1156258 for CVE-2019-18809",
"url": "https://bugzilla.suse.com/1156258"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-17T12:07:58Z",
"details": "moderate"
}
],
"title": "CVE-2019-18809"
},
{
"cve": "CVE-2019-19049",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19049"
}
],
"notes": [
{
"category": "general",
"text": "A memory leak in the unittest_data_add() function in drivers/of/unittest.c in the Linux kernel before 5.3.10 allows attackers to cause a denial of service (memory consumption) by triggering of_fdt_unflatten_tree() failures, aka CID-e13de8fe0d6a. NOTE: third parties dispute the relevance of this because unittest.c can only be reached during boot",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19049",
"url": "https://www.suse.com/security/cve/CVE-2019-19049"
},
{
"category": "external",
"summary": "SUSE Bug 1157173 for CVE-2019-19049",
"url": "https://bugzilla.suse.com/1157173"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 1.6,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-17T12:07:58Z",
"details": "moderate"
}
],
"title": "CVE-2019-19049"
},
{
"cve": "CVE-2019-19051",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19051"
}
],
"notes": [
{
"category": "general",
"text": "A memory leak in the i2400m_op_rfkill_sw_toggle() function in drivers/net/wimax/i2400m/op-rfkill.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-6f3ef5c25cc7.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19051",
"url": "https://www.suse.com/security/cve/CVE-2019-19051"
},
{
"category": "external",
"summary": "SUSE Bug 1159024 for CVE-2019-19051",
"url": "https://bugzilla.suse.com/1159024"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-17T12:07:58Z",
"details": "moderate"
}
],
"title": "CVE-2019-19051"
},
{
"cve": "CVE-2019-19052",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19052"
}
],
"notes": [
{
"category": "general",
"text": "A memory leak in the gs_can_open() function in drivers/net/can/usb/gs_usb.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-fb5be6a7b486.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19052",
"url": "https://www.suse.com/security/cve/CVE-2019-19052"
},
{
"category": "external",
"summary": "SUSE Bug 1157324 for CVE-2019-19052",
"url": "https://bugzilla.suse.com/1157324"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-17T12:07:58Z",
"details": "moderate"
}
],
"title": "CVE-2019-19052"
},
{
"cve": "CVE-2019-19056",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19056"
}
],
"notes": [
{
"category": "general",
"text": "A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-db8fd2cde932.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19056",
"url": "https://www.suse.com/security/cve/CVE-2019-19056"
},
{
"category": "external",
"summary": "SUSE Bug 1157197 for CVE-2019-19056",
"url": "https://bugzilla.suse.com/1157197"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-17T12:07:58Z",
"details": "moderate"
}
],
"title": "CVE-2019-19056"
},
{
"cve": "CVE-2019-19057",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19057"
}
],
"notes": [
{
"category": "general",
"text": "Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-d10dcb615c8e.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19057",
"url": "https://www.suse.com/security/cve/CVE-2019-19057"
},
{
"category": "external",
"summary": "SUSE Bug 1157193 for CVE-2019-19057",
"url": "https://bugzilla.suse.com/1157193"
},
{
"category": "external",
"summary": "SUSE Bug 1157197 for CVE-2019-19057",
"url": "https://bugzilla.suse.com/1157197"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-17T12:07:58Z",
"details": "moderate"
}
],
"title": "CVE-2019-19057"
},
{
"cve": "CVE-2019-19058",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19058"
}
],
"notes": [
{
"category": "general",
"text": "A memory leak in the alloc_sgtable() function in drivers/net/wireless/intel/iwlwifi/fw/dbg.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering alloc_page() failures, aka CID-b4b814fec1a5.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19058",
"url": "https://www.suse.com/security/cve/CVE-2019-19058"
},
{
"category": "external",
"summary": "SUSE Bug 1157145 for CVE-2019-19058",
"url": "https://bugzilla.suse.com/1157145"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-17T12:07:58Z",
"details": "moderate"
}
],
"title": "CVE-2019-19058"
},
{
"cve": "CVE-2019-19060",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19060"
}
],
"notes": [
{
"category": "general",
"text": "A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-ab612b1daf41.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19060",
"url": "https://www.suse.com/security/cve/CVE-2019-19060"
},
{
"category": "external",
"summary": "SUSE Bug 1157178 for CVE-2019-19060",
"url": "https://bugzilla.suse.com/1157178"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-17T12:07:58Z",
"details": "moderate"
}
],
"title": "CVE-2019-19060"
},
{
"cve": "CVE-2019-19062",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19062"
}
],
"notes": [
{
"category": "general",
"text": "A memory leak in the crypto_report() function in crypto/crypto_user_base.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_report_alg() failures, aka CID-ffdde5932042.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19062",
"url": "https://www.suse.com/security/cve/CVE-2019-19062"
},
{
"category": "external",
"summary": "SUSE Bug 1157333 for CVE-2019-19062",
"url": "https://bugzilla.suse.com/1157333"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-17T12:07:58Z",
"details": "moderate"
}
],
"title": "CVE-2019-19062"
},
{
"cve": "CVE-2019-19063",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19063"
}
],
"notes": [
{
"category": "general",
"text": "Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption), aka CID-3f9361695113.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19063",
"url": "https://www.suse.com/security/cve/CVE-2019-19063"
},
{
"category": "external",
"summary": "SUSE Bug 1157298 for CVE-2019-19063",
"url": "https://bugzilla.suse.com/1157298"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-17T12:07:58Z",
"details": "moderate"
}
],
"title": "CVE-2019-19063"
},
{
"cve": "CVE-2019-19065",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19065"
}
],
"notes": [
{
"category": "general",
"text": "A memory leak in the sdma_init() function in drivers/infiniband/hw/hfi1/sdma.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering rhashtable_init() failures, aka CID-34b3be18a04e. NOTE: This has been disputed as not a vulnerability because \"rhashtable_init() can only fail if it is passed invalid values in the second parameter\u0027s struct, but when invoked from sdma_init() that is a pointer to a static const struct, so an attacker could only trigger failure if they could corrupt kernel memory (in which case a small memory leak is not a significant problem).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19065",
"url": "https://www.suse.com/security/cve/CVE-2019-19065"
},
{
"category": "external",
"summary": "SUSE Bug 1157191 for CVE-2019-19065",
"url": "https://bugzilla.suse.com/1157191"
},
{
"category": "external",
"summary": "SUSE Bug 1173961 for CVE-2019-19065",
"url": "https://bugzilla.suse.com/1173961"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-17T12:07:58Z",
"details": "important"
}
],
"title": "CVE-2019-19065"
},
{
"cve": "CVE-2019-19067",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19067"
}
],
"notes": [
{
"category": "general",
"text": "Four memory leaks in the acp_hw_init() function in drivers/gpu/drm/amd/amdgpu/amdgpu_acp.c in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption) by triggering mfd_add_hotplug_devices() or pm_genpd_add_device() failures, aka CID-57be09c6e874. NOTE: third parties dispute the relevance of this because the attacker must already have privileges for module loading",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19067",
"url": "https://www.suse.com/security/cve/CVE-2019-19067"
},
{
"category": "external",
"summary": "SUSE Bug 1157180 for CVE-2019-19067",
"url": "https://bugzilla.suse.com/1157180"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-17T12:07:58Z",
"details": "moderate"
}
],
"title": "CVE-2019-19067"
},
{
"cve": "CVE-2019-19068",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19068"
}
],
"notes": [
{
"category": "general",
"text": "A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-a2cdd07488e6.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19068",
"url": "https://www.suse.com/security/cve/CVE-2019-19068"
},
{
"category": "external",
"summary": "SUSE Bug 1157307 for CVE-2019-19068",
"url": "https://bugzilla.suse.com/1157307"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-17T12:07:58Z",
"details": "moderate"
}
],
"title": "CVE-2019-19068"
},
{
"cve": "CVE-2019-19073",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19073"
}
],
"notes": [
{
"category": "general",
"text": "Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering wait_for_completion_timeout() failures. This affects the htc_config_pipe_credits() function, the htc_setup_complete() function, and the htc_connect_service() function, aka CID-853acf7caf10.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19073",
"url": "https://www.suse.com/security/cve/CVE-2019-19073"
},
{
"category": "external",
"summary": "SUSE Bug 1157070 for CVE-2019-19073",
"url": "https://bugzilla.suse.com/1157070"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-17T12:07:58Z",
"details": "moderate"
}
],
"title": "CVE-2019-19073"
},
{
"cve": "CVE-2019-19074",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19074"
}
],
"notes": [
{
"category": "general",
"text": "A memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ath/ath9k/wmi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-728c1e2a05e4.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19074",
"url": "https://www.suse.com/security/cve/CVE-2019-19074"
},
{
"category": "external",
"summary": "SUSE Bug 1157143 for CVE-2019-19074",
"url": "https://bugzilla.suse.com/1157143"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-17T12:07:58Z",
"details": "moderate"
}
],
"title": "CVE-2019-19074"
},
{
"cve": "CVE-2019-19075",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19075"
}
],
"notes": [
{
"category": "general",
"text": "A memory leak in the ca8210_probe() function in drivers/net/ieee802154/ca8210.c in the Linux kernel before 5.3.8 allows attackers to cause a denial of service (memory consumption) by triggering ca8210_get_platform_data() failures, aka CID-6402939ec86e.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19075",
"url": "https://www.suse.com/security/cve/CVE-2019-19075"
},
{
"category": "external",
"summary": "SUSE Bug 1157162 for CVE-2019-19075",
"url": "https://bugzilla.suse.com/1157162"
},
{
"category": "external",
"summary": "SUSE Bug 1173958 for CVE-2019-19075",
"url": "https://bugzilla.suse.com/1173958"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-17T12:07:58Z",
"details": "low"
}
],
"title": "CVE-2019-19075"
},
{
"cve": "CVE-2019-19077",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19077"
}
],
"notes": [
{
"category": "general",
"text": "A memory leak in the bnxt_re_create_srq() function in drivers/infiniband/hw/bnxt_re/ib_verbs.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering copy to udata failures, aka CID-4a9d46a9fe14.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19077",
"url": "https://www.suse.com/security/cve/CVE-2019-19077"
},
{
"category": "external",
"summary": "SUSE Bug 1157171 for CVE-2019-19077",
"url": "https://bugzilla.suse.com/1157171"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-17T12:07:58Z",
"details": "moderate"
}
],
"title": "CVE-2019-19077"
},
{
"cve": "CVE-2019-19227",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19227"
}
],
"notes": [
{
"category": "general",
"text": "In the AppleTalk subsystem in the Linux kernel before 5.1, there is a potential NULL pointer dereference because register_snap_client may return NULL. This will lead to denial of service in net/appletalk/aarp.c and net/appletalk/ddp.c, as demonstrated by unregister_snap_client, aka CID-9804501fa122.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19227",
"url": "https://www.suse.com/security/cve/CVE-2019-19227"
},
{
"category": "external",
"summary": "SUSE Bug 1157678 for CVE-2019-19227",
"url": "https://bugzilla.suse.com/1157678"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-17T12:07:58Z",
"details": "moderate"
}
],
"title": "CVE-2019-19227"
},
{
"cve": "CVE-2019-19332",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19332"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel\u0027s KVM hypervisor handled the \u0027KVM_GET_EMULATED_CPUID\u0027 ioctl(2) request to get CPUID features emulated by the KVM hypervisor. A user or process able to access the \u0027/dev/kvm\u0027 device could use this flaw to crash the system, resulting in a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19332",
"url": "https://www.suse.com/security/cve/CVE-2019-19332"
},
{
"category": "external",
"summary": "SUSE Bug 1158827 for CVE-2019-19332",
"url": "https://bugzilla.suse.com/1158827"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-17T12:07:58Z",
"details": "moderate"
}
],
"title": "CVE-2019-19332"
},
{
"cve": "CVE-2019-19338",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19338"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the fix for CVE-2019-11135, in the Linux upstream kernel versions before 5.5 where, the way Intel CPUs handle speculative execution of instructions when a TSX Asynchronous Abort (TAA) error occurs. When a guest is running on a host CPU affected by the TAA flaw (TAA_NO=0), but is not affected by the MDS issue (MDS_NO=1), the guest was to clear the affected buffers by using a VERW instruction mechanism. But when the MDS_NO=1 bit was exported to the guests, the guests did not use the VERW mechanism to clear the affected buffers. This issue affects guests running on Cascade Lake CPUs and requires that host has \u0027TSX\u0027 enabled. Confidentiality of data is the highest threat associated with this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19338",
"url": "https://www.suse.com/security/cve/CVE-2019-19338"
},
{
"category": "external",
"summary": "SUSE Bug 1158954 for CVE-2019-19338",
"url": "https://bugzilla.suse.com/1158954"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-17T12:07:58Z",
"details": "moderate"
}
],
"title": "CVE-2019-19338"
},
{
"cve": "CVE-2019-19523",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19523"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/adutux.c driver, aka CID-44efc269db79.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19523",
"url": "https://www.suse.com/security/cve/CVE-2019-19523"
},
{
"category": "external",
"summary": "SUSE Bug 1158381 for CVE-2019-19523",
"url": "https://bugzilla.suse.com/1158381"
},
{
"category": "external",
"summary": "SUSE Bug 1158823 for CVE-2019-19523",
"url": "https://bugzilla.suse.com/1158823"
},
{
"category": "external",
"summary": "SUSE Bug 1158834 for CVE-2019-19523",
"url": "https://bugzilla.suse.com/1158834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-17T12:07:58Z",
"details": "moderate"
}
],
"title": "CVE-2019-19523"
},
{
"cve": "CVE-2019-19524",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19524"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 5.3.12, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/input/ff-memless.c driver, aka CID-fa3a5a1880c9.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19524",
"url": "https://www.suse.com/security/cve/CVE-2019-19524"
},
{
"category": "external",
"summary": "SUSE Bug 1158381 for CVE-2019-19524",
"url": "https://bugzilla.suse.com/1158381"
},
{
"category": "external",
"summary": "SUSE Bug 1158413 for CVE-2019-19524",
"url": "https://bugzilla.suse.com/1158413"
},
{
"category": "external",
"summary": "SUSE Bug 1158834 for CVE-2019-19524",
"url": "https://bugzilla.suse.com/1158834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.4,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-17T12:07:58Z",
"details": "low"
}
],
"title": "CVE-2019-19524"
},
{
"cve": "CVE-2019-19525",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19525"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 5.3.6, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/ieee802154/atusb.c driver, aka CID-7fd25e6fc035.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19525",
"url": "https://www.suse.com/security/cve/CVE-2019-19525"
},
{
"category": "external",
"summary": "SUSE Bug 1158381 for CVE-2019-19525",
"url": "https://bugzilla.suse.com/1158381"
},
{
"category": "external",
"summary": "SUSE Bug 1158417 for CVE-2019-19525",
"url": "https://bugzilla.suse.com/1158417"
},
{
"category": "external",
"summary": "SUSE Bug 1158834 for CVE-2019-19525",
"url": "https://bugzilla.suse.com/1158834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-17T12:07:58Z",
"details": "moderate"
}
],
"title": "CVE-2019-19525"
},
{
"cve": "CVE-2019-19526",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19526"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 5.3.9, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/nfc/pn533/usb.c driver, aka CID-6af3aa57a098.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19526",
"url": "https://www.suse.com/security/cve/CVE-2019-19526"
},
{
"category": "external",
"summary": "SUSE Bug 1158381 for CVE-2019-19526",
"url": "https://bugzilla.suse.com/1158381"
},
{
"category": "external",
"summary": "SUSE Bug 1158834 for CVE-2019-19526",
"url": "https://bugzilla.suse.com/1158834"
},
{
"category": "external",
"summary": "SUSE Bug 1158893 for CVE-2019-19526",
"url": "https://bugzilla.suse.com/1158893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-17T12:07:58Z",
"details": "moderate"
}
],
"title": "CVE-2019-19526"
},
{
"cve": "CVE-2019-19527",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19527"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/hid/usbhid/hiddev.c driver, aka CID-9c09b214f30e.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19527",
"url": "https://www.suse.com/security/cve/CVE-2019-19527"
},
{
"category": "external",
"summary": "SUSE Bug 1158381 for CVE-2019-19527",
"url": "https://bugzilla.suse.com/1158381"
},
{
"category": "external",
"summary": "SUSE Bug 1158834 for CVE-2019-19527",
"url": "https://bugzilla.suse.com/1158834"
},
{
"category": "external",
"summary": "SUSE Bug 1158900 for CVE-2019-19527",
"url": "https://bugzilla.suse.com/1158900"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-17T12:07:58Z",
"details": "moderate"
}
],
"title": "CVE-2019-19527"
},
{
"cve": "CVE-2019-19528",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19528"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/iowarrior.c driver, aka CID-edc4746f253d.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19528",
"url": "https://www.suse.com/security/cve/CVE-2019-19528"
},
{
"category": "external",
"summary": "SUSE Bug 1158381 for CVE-2019-19528",
"url": "https://bugzilla.suse.com/1158381"
},
{
"category": "external",
"summary": "SUSE Bug 1158407 for CVE-2019-19528",
"url": "https://bugzilla.suse.com/1158407"
},
{
"category": "external",
"summary": "SUSE Bug 1158834 for CVE-2019-19528",
"url": "https://bugzilla.suse.com/1158834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-17T12:07:58Z",
"details": "moderate"
}
],
"title": "CVE-2019-19528"
},
{
"cve": "CVE-2019-19529",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19529"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 5.3.11, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcba_usb.c driver, aka CID-4d6636498c41.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19529",
"url": "https://www.suse.com/security/cve/CVE-2019-19529"
},
{
"category": "external",
"summary": "SUSE Bug 1158381 for CVE-2019-19529",
"url": "https://bugzilla.suse.com/1158381"
},
{
"category": "external",
"summary": "SUSE Bug 1158834 for CVE-2019-19529",
"url": "https://bugzilla.suse.com/1158834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-17T12:07:58Z",
"details": "moderate"
}
],
"title": "CVE-2019-19529"
},
{
"cve": "CVE-2019-19530",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19530"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/class/cdc-acm.c driver, aka CID-c52873e5a1ef.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19530",
"url": "https://www.suse.com/security/cve/CVE-2019-19530"
},
{
"category": "external",
"summary": "SUSE Bug 1158381 for CVE-2019-19530",
"url": "https://bugzilla.suse.com/1158381"
},
{
"category": "external",
"summary": "SUSE Bug 1158410 for CVE-2019-19530",
"url": "https://bugzilla.suse.com/1158410"
},
{
"category": "external",
"summary": "SUSE Bug 1158834 for CVE-2019-19530",
"url": "https://bugzilla.suse.com/1158834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-17T12:07:58Z",
"details": "moderate"
}
],
"title": "CVE-2019-19530"
},
{
"cve": "CVE-2019-19531",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19531"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 5.2.9, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/yurex.c driver, aka CID-fc05481b2fca.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19531",
"url": "https://www.suse.com/security/cve/CVE-2019-19531"
},
{
"category": "external",
"summary": "SUSE Bug 1158381 for CVE-2019-19531",
"url": "https://bugzilla.suse.com/1158381"
},
{
"category": "external",
"summary": "SUSE Bug 1158427 for CVE-2019-19531",
"url": "https://bugzilla.suse.com/1158427"
},
{
"category": "external",
"summary": "SUSE Bug 1158445 for CVE-2019-19531",
"url": "https://bugzilla.suse.com/1158445"
},
{
"category": "external",
"summary": "SUSE Bug 1158834 for CVE-2019-19531",
"url": "https://bugzilla.suse.com/1158834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-17T12:07:58Z",
"details": "low"
}
],
"title": "CVE-2019-19531"
},
{
"cve": "CVE-2019-19532",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19532"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 5.3.9, there are multiple out-of-bounds write bugs that can be caused by a malicious USB device in the Linux kernel HID drivers, aka CID-d9d4b1e46d95. This affects drivers/hid/hid-axff.c, drivers/hid/hid-dr.c, drivers/hid/hid-emsff.c, drivers/hid/hid-gaff.c, drivers/hid/hid-holtekff.c, drivers/hid/hid-lg2ff.c, drivers/hid/hid-lg3ff.c, drivers/hid/hid-lg4ff.c, drivers/hid/hid-lgff.c, drivers/hid/hid-logitech-hidpp.c, drivers/hid/hid-microsoft.c, drivers/hid/hid-sony.c, drivers/hid/hid-tmff.c, and drivers/hid/hid-zpff.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19532",
"url": "https://www.suse.com/security/cve/CVE-2019-19532"
},
{
"category": "external",
"summary": "SUSE Bug 1158381 for CVE-2019-19532",
"url": "https://bugzilla.suse.com/1158381"
},
{
"category": "external",
"summary": "SUSE Bug 1158823 for CVE-2019-19532",
"url": "https://bugzilla.suse.com/1158823"
},
{
"category": "external",
"summary": "SUSE Bug 1158824 for CVE-2019-19532",
"url": "https://bugzilla.suse.com/1158824"
},
{
"category": "external",
"summary": "SUSE Bug 1158834 for CVE-2019-19532",
"url": "https://bugzilla.suse.com/1158834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-17T12:07:58Z",
"details": "moderate"
}
],
"title": "CVE-2019-19532"
},
{
"cve": "CVE-2019-19533",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19533"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 5.3.4, there is an info-leak bug that can be caused by a malicious USB device in the drivers/media/usb/ttusb-dec/ttusb_dec.c driver, aka CID-a10feaf8c464.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19533",
"url": "https://www.suse.com/security/cve/CVE-2019-19533"
},
{
"category": "external",
"summary": "SUSE Bug 1158381 for CVE-2019-19533",
"url": "https://bugzilla.suse.com/1158381"
},
{
"category": "external",
"summary": "SUSE Bug 1158834 for CVE-2019-19533",
"url": "https://bugzilla.suse.com/1158834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.4,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-17T12:07:58Z",
"details": "moderate"
}
],
"title": "CVE-2019-19533"
},
{
"cve": "CVE-2019-19534",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19534"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 5.3.11, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_core.c driver, aka CID-f7a1337f0d29.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19534",
"url": "https://www.suse.com/security/cve/CVE-2019-19534"
},
{
"category": "external",
"summary": "SUSE Bug 1158381 for CVE-2019-19534",
"url": "https://bugzilla.suse.com/1158381"
},
{
"category": "external",
"summary": "SUSE Bug 1158398 for CVE-2019-19534",
"url": "https://bugzilla.suse.com/1158398"
},
{
"category": "external",
"summary": "SUSE Bug 1158834 for CVE-2019-19534",
"url": "https://bugzilla.suse.com/1158834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.4,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-17T12:07:58Z",
"details": "low"
}
],
"title": "CVE-2019-19534"
},
{
"cve": "CVE-2019-19535",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19535"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 5.2.9, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_fd.c driver, aka CID-30a8beeb3042.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19535",
"url": "https://www.suse.com/security/cve/CVE-2019-19535"
},
{
"category": "external",
"summary": "SUSE Bug 1158381 for CVE-2019-19535",
"url": "https://bugzilla.suse.com/1158381"
},
{
"category": "external",
"summary": "SUSE Bug 1158834 for CVE-2019-19535",
"url": "https://bugzilla.suse.com/1158834"
},
{
"category": "external",
"summary": "SUSE Bug 1158903 for CVE-2019-19535",
"url": "https://bugzilla.suse.com/1158903"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-17T12:07:58Z",
"details": "moderate"
}
],
"title": "CVE-2019-19535"
},
{
"cve": "CVE-2019-19536",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19536"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 5.2.9, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_pro.c driver, aka CID-ead16e53c2f0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19536",
"url": "https://www.suse.com/security/cve/CVE-2019-19536"
},
{
"category": "external",
"summary": "SUSE Bug 1158381 for CVE-2019-19536",
"url": "https://bugzilla.suse.com/1158381"
},
{
"category": "external",
"summary": "SUSE Bug 1158394 for CVE-2019-19536",
"url": "https://bugzilla.suse.com/1158394"
},
{
"category": "external",
"summary": "SUSE Bug 1158834 for CVE-2019-19536",
"url": "https://bugzilla.suse.com/1158834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.4,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-17T12:07:58Z",
"details": "low"
}
],
"title": "CVE-2019-19536"
},
{
"cve": "CVE-2019-19537",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19537"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 5.2.10, there is a race condition bug that can be caused by a malicious USB device in the USB character device driver layer, aka CID-303911cfc5b9. This affects drivers/usb/core/file.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19537",
"url": "https://www.suse.com/security/cve/CVE-2019-19537"
},
{
"category": "external",
"summary": "SUSE Bug 1158381 for CVE-2019-19537",
"url": "https://bugzilla.suse.com/1158381"
},
{
"category": "external",
"summary": "SUSE Bug 1158834 for CVE-2019-19537",
"url": "https://bugzilla.suse.com/1158834"
},
{
"category": "external",
"summary": "SUSE Bug 1158904 for CVE-2019-19537",
"url": "https://bugzilla.suse.com/1158904"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-17T12:07:58Z",
"details": "moderate"
}
],
"title": "CVE-2019-19537"
},
{
"cve": "CVE-2019-19543",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19543"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 5.1.6, there is a use-after-free in serial_ir_init_module() in drivers/media/rc/serial_ir.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19543",
"url": "https://www.suse.com/security/cve/CVE-2019-19543"
},
{
"category": "external",
"summary": "SUSE Bug 1158427 for CVE-2019-19543",
"url": "https://bugzilla.suse.com/1158427"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.34.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.34.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-17T12:07:58Z",
"details": "low"
}
],
"title": "CVE-2019-19543"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…