Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2020-25705 (GCVE-0-2020-25705)
Vulnerability from cvelistv5 – Published: 2020-11-17 01:16 – Updated: 2024-08-04 15:40
VLAI
EPSS
Summary
A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well on the Linux Based Products (RUGGEDCOM RM1224: All versions between v5.0 and v6.4, SCALANCE M-800: All versions between v5.0 and v6.4, SCALANCE S615: All versions between v5.0 and v6.4, SCALANCE SC-600: All versions prior to v2.1.3, SCALANCE W1750D: v8.3.0.1, v8.6.0, and v8.7.0, SIMATIC Cloud Connect 7: All versions, SIMATIC MV500 Family: All versions, SIMATIC NET CP 1243-1 (incl. SIPLUS variants): Versions 3.1.39 and later, SIMATIC NET CP 1243-7 LTE EU: Version
Severity
No CVSS data available.
CWE
- CWE-330 - USE OF INSUFFICIENTLY RANDOM VALUES CWE-330
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://us-cert.cisa.gov/ics/advisories/icsa-21-131-03 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Siemens Lunux Based Products |
Affected:
RUGGEDCOM RM1224: All versions between v5.0 and v6.4, SCALANCE M-800: All versions between v5.0 and v6.4, SCALANCE S615: All versions between v5.0 and v6.4, SCALANCE SC-600: All versions prior to v2.1.3, SCALANCE W1750D: v8.3.0.1, v8.6.0, and v8.7.0, SIMATIC Cloud Connect 7: All versions, SIMATIC MV500 Family: All versions, SIMATIC NET CP 1243-1 (incl. SIPLUS variants): Versions 3.1.39 and later, SIMATIC NET CP 1243-7 LTE EU: Versions 3.1.39 and later, SIMATIC NET CP 1243-7 LTE US: Versions 3.1.39 and later, SIMATIC NET CP 1243-7: Versions 3.1.39 and later, SIMATIC NET CP 1243-8 IRC: Versions 3.1.39 and later, SIMATIC NET CP 1542SP-1 IRC (incl. SIPLUS variants): Versions 2.0 and later, SIMATIC NET CP 1542SP-1: Versions 2.0 and later, SIMATIC NET CP 1543-1 (incl. SIPLUS variants): Versions 2.2 and later, SIMATIC NET CP 1543SP-1 (incl SIPLUS variants): Versions 2.0 and later, SIMATIC NET CP 1545-1: All versions, SINEMA Remote Connect Server: All versions prior to v3.0 SP1, TIM 1531 IRC (incl. SI ...[truncated*]
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:40:36.596Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-03"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Siemens Lunux Based Products",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "RUGGEDCOM RM1224: All versions between v5.0 and v6.4, SCALANCE M-800: All versions between v5.0 and v6.4, SCALANCE S615: All versions between v5.0 and v6.4, SCALANCE SC-600: All versions prior to v2.1.3, SCALANCE W1750D: v8.3.0.1, v8.6.0, and v8.7.0, SIMATIC Cloud Connect 7: All versions, SIMATIC MV500 Family: All versions, SIMATIC NET CP 1243-1 (incl. SIPLUS variants): Versions 3.1.39 and later, SIMATIC NET CP 1243-7 LTE EU: Versions 3.1.39 and later, SIMATIC NET CP 1243-7 LTE US: Versions 3.1.39 and later, SIMATIC NET CP 1243-7: Versions 3.1.39 and later, SIMATIC NET CP 1243-8 IRC: Versions 3.1.39 and later, SIMATIC NET CP 1542SP-1 IRC (incl. SIPLUS variants): Versions 2.0 and later, SIMATIC NET CP 1542SP-1: Versions 2.0 and later, SIMATIC NET CP 1543-1 (incl. SIPLUS variants): Versions 2.2 and later, SIMATIC NET CP 1543SP-1 (incl SIPLUS variants): Versions 2.0 and later, SIMATIC NET CP 1545-1: All versions, SINEMA Remote Connect Server: All versions prior to v3.0 SP1, TIM 1531 IRC (incl. SI ...[truncated*]"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well on the Linux Based Products (RUGGEDCOM RM1224: All versions between v5.0 and v6.4, SCALANCE M-800: All versions between v5.0 and v6.4, SCALANCE S615: All versions between v5.0 and v6.4, SCALANCE SC-600: All versions prior to v2.1.3, SCALANCE W1750D: v8.3.0.1, v8.6.0, and v8.7.0, SIMATIC Cloud Connect 7: All versions, SIMATIC MV500 Family: All versions, SIMATIC NET CP 1243-1 (incl. SIPLUS variants): Versions 3.1.39 and later, SIMATIC NET CP 1243-7 LTE EU: Version"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-330",
"description": "USE OF INSUFFICIENTLY RANDOM VALUES CWE-330",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-18T10:48:35.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-03"
}
],
"x_ConverterErrors": {
"version_name": {
"error": "version_name too long. Use array of versions to record more than one version.",
"message": "Truncated!"
}
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2020-25705",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Siemens Lunux Based Products",
"version": {
"version_data": [
{
"version_value": "RUGGEDCOM RM1224: All versions between v5.0 and v6.4, SCALANCE M-800: All versions between v5.0 and v6.4, SCALANCE S615: All versions between v5.0 and v6.4, SCALANCE SC-600: All versions prior to v2.1.3, SCALANCE W1750D: v8.3.0.1, v8.6.0, and v8.7.0, SIMATIC Cloud Connect 7: All versions, SIMATIC MV500 Family: All versions, SIMATIC NET CP 1243-1 (incl. SIPLUS variants): Versions 3.1.39 and later, SIMATIC NET CP 1243-7 LTE EU: Versions 3.1.39 and later, SIMATIC NET CP 1243-7 LTE US: Versions 3.1.39 and later, SIMATIC NET CP 1243-7: Versions 3.1.39 and later, SIMATIC NET CP 1243-8 IRC: Versions 3.1.39 and later, SIMATIC NET CP 1542SP-1 IRC (incl. SIPLUS variants): Versions 2.0 and later, SIMATIC NET CP 1542SP-1: Versions 2.0 and later, SIMATIC NET CP 1543-1 (incl. SIPLUS variants): Versions 2.2 and later, SIMATIC NET CP 1543SP-1 (incl SIPLUS variants): Versions 2.0 and later, SIMATIC NET CP 1545-1: All versions, SINEMA Remote Connect Server: All versions prior to v3.0 SP1, TIM 1531 IRC (incl. SIPLUS NET variants): All versions"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well on the Linux Based Products (RUGGEDCOM RM1224: All versions between v5.0 and v6.4, SCALANCE M-800: All versions between v5.0 and v6.4, SCALANCE S615: All versions between v5.0 and v6.4, SCALANCE SC-600: All versions prior to v2.1.3, SCALANCE W1750D: v8.3.0.1, v8.6.0, and v8.7.0, SIMATIC Cloud Connect 7: All versions, SIMATIC MV500 Family: All versions, SIMATIC NET CP 1243-1 (incl. SIPLUS variants): Versions 3.1.39 and later, SIMATIC NET CP 1243-7 LTE EU: Version"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "USE OF INSUFFICIENTLY RANDOM VALUES CWE-330"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-03",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-03"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2020-25705",
"datePublished": "2020-11-17T01:16:17.000Z",
"dateReserved": "2020-09-16T00:00:00.000Z",
"dateUpdated": "2024-08-04T15:40:36.596Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2020-25705",
"date": "2026-05-30",
"epss": "0.0101",
"percentile": "0.77407"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2020-25705\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2020-11-17T02:15:13.427\",\"lastModified\":\"2024-11-21T05:18:31.810\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well on the Linux Based Products (RUGGEDCOM RM1224: All versions between v5.0 and v6.4, SCALANCE M-800: All versions between v5.0 and v6.4, SCALANCE S615: All versions between v5.0 and v6.4, SCALANCE SC-600: All versions prior to v2.1.3, SCALANCE W1750D: v8.3.0.1, v8.6.0, and v8.7.0, SIMATIC Cloud Connect 7: All versions, SIMATIC MV500 Family: All versions, SIMATIC NET CP 1243-1 (incl. SIPLUS variants): Versions 3.1.39 and later, SIMATIC NET CP 1243-7 LTE EU: Version\"},{\"lang\":\"es\",\"value\":\"Se encontr\u00f3 un fallo en los paquetes ICMP en el kernel de Linux puede permitir a un atacante escanear r\u00e1pidamente los puertos UDP abiertos. Este defecto permite a un atacante remoto fuera de la ruta eludir efectivamente la aleatorizaci\u00f3n del puerto de origen UDP. El software que depende de la aleatorizaci\u00f3n del puerto de origen UDP tambi\u00e9n se ve afectado indirectamente en los productos basados en Linux (RUGGEDCOM RM1224: Todas las versiones entre v5.0 y v6.4, SCALANCE M-800: Todas las versiones entre v5.0 y v6.4, SCALANCE S615: Todas las versiones entre v5.0 y v6.4, SCALANCE SC-600: Todas las versiones anteriores a la v2.1.3, SCALANCE W1750D: v8.3.0.1, v8.6.0 y v8.7.0, SIMATIC Cloud Connect 7: Todas las versiones, SIMATIC MV500 Family: Todas las versiones, SIMATIC NET CP 1243-1 (incluidas las variantes SIPLUS): Versiones 3.1.39 y posteriores, SIMATIC NET CP 1243-7 LTE EU: Versi\u00f3n\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N\",\"baseScore\":7.4,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.2,\"impactScore\":5.2}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:N\",\"baseScore\":5.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-330\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-330\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.10.0\",\"matchCriteriaId\":\"8234E068-AD52-4010-BAB0-14E08C0B7ED5\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"142AD0DD-4CF3-4D74-9442-459CE3347E3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4CFF558-3C47-480D-A2F0-BABF26042943\"}]}]}],\"references\":[{\"url\":\"https://us-cert.cisa.gov/ics/advisories/icsa-21-131-03\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://us-cert.cisa.gov/ics/advisories/icsa-21-131-03\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
ICSA-21-131-03
Vulnerability from csaf_cisa - Published: 2021-05-11 00:00 - Updated: 2023-03-14 00:00Summary
Siemens Linux-based Products (Update J)
Notes
Summary: A vulnerability made public under the name SAD DNS affects Domain Name
System resolvers due to a vulnerability in the Linux kernel when
handling ICMP packets. The Siemens products which are affected
are listed below. For more information please see
https://www.saddns.net/.
Siemens has released updates for the affected products and recommends to update to the latest versions.
General Recommendations: As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources: For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use: Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
Legal Notice: All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Advisory Conversion Disclaimer: This CISA CSAF advisory was converted from Siemens ProductCERT's CSAF advisory.
Critical infrastructure sectors: Multiple
Countries/areas deployed: Worldwide
Company headquarters location: Germany
Recommended Practices: CISA recommends users take defensive measures to minimize the exploitation risk of these vulnerabilities.
Recommended Practices: Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.
Recommended Practices: Locate control system networks and remote devices behind firewalls and isolate them from business networks.
Recommended Practices: When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.
Recommended Practices: CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices: CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices: CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices: Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
CWE-330
- Use of Insufficiently Random Values
Affected products
Known affected
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM RM1224 family (6GK6108-4AM00)
Siemens / RUGGEDCOM RM1224 family (6GK6108-4AM00)
|
6GK6108-4AM00
|
>=V5.0_and_<V6.4 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE M-800 family
Siemens / SCALANCE M-800 family
|
>=V5.0_and_<V6.4 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
|
SCALANCE S615 (6GK5615-0AA00-2AA2)
Siemens / SCALANCE S615 (6GK5615-0AA00-2AA2)
|
6GK5615-0AA00-2AA2
|
>=V5.0_and_<V6.4 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE SC-600 family
Siemens / SCALANCE SC-600 family
|
<V2.1.3 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
|
SCALANCE W1750D
Siemens / SCALANCE W1750D
|
8.3.0.1|8.6.0|8.7.0 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
|
SIMATIC Cloud Connect 7 CC712 (6GK1411-1AC00)
Siemens / SIMATIC Cloud Connect 7 CC712 (6GK1411-1AC00)
|
6GK1411-1AC00
|
<>_V1.0_and_V1.6 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC Cloud Connect 7 CC716 (6GK1411-5AC00)
Siemens / SIMATIC Cloud Connect 7 CC716 (6GK1411-5AC00)
|
6GK1411-5AC00
|
<>_V1.0_and_V1.6 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0)
Siemens / SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0)
|
6GK7242-7KX31-0XE0
|
>=V3.1.39_<V3.3 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0)
Siemens / SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0)
|
6GK7243-1BX30-0XE0
|
>=V3.1.39_and_<V3.3.46 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0)
Siemens / SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0)
|
6GK7243-7KX30-0XE0
|
>=V3.1.39_and_<V3.3 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0)
Siemens / SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0)
|
6GK7243-7SX30-0XE0
|
>=V3.1.39_and_<V3.3 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0)
Siemens / SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0)
|
6GK7243-8RX30-0XE0
|
>=V3.1.39_and_<V3.3.46 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0)
Siemens / SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0)
|
6GK7542-6UX00-0XE0
|
>=V2.0_<V2.2.28 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0)
Siemens / SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0)
|
6GK7542-6VX00-0XE0
|
>=V2.0_<V2.2.28 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC CP 1543-1 (incl. SIPLUS variants)
Siemens / SIMATIC CP 1543-1 (incl. SIPLUS variants)
|
>=V2.2_and_<V3.0 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
|
SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0)
Siemens / SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0)
|
6GK7543-6WX00-0XE0
|
>=V2.0_<V2.2.28 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC CP 1545-1 (6GK7545-1GX00-0XE0)
Siemens / SIMATIC CP 1545-1 (6GK7545-1GX00-0XE0)
|
6GK7545-1GX00-0XE0
|
<V1.1 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC MV540 H (6GF3540-0GE10)
Siemens / SIMATIC MV540 H (6GF3540-0GE10)
|
6GF3540-0GE10
|
<V3.1 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC MV540 S (6GF3540-0CD10)
Siemens / SIMATIC MV540 S (6GF3540-0CD10)
|
6GF3540-0CD10
|
<V3.1 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC MV550 H (6GF3550-0GE10)
Siemens / SIMATIC MV550 H (6GF3550-0GE10)
|
6GF3550-0GE10
|
<V3.1 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC MV550 S (6GF3550-0CD10)
Siemens / SIMATIC MV550 S (6GF3550-0CD10)
|
6GF3550-0CD10
|
<V3.1 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC MV560 U (6GF3560-0LE10)
Siemens / SIMATIC MV560 U (6GF3560-0LE10)
|
6GF3560-0LE10
|
<V3.1 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC MV560 X (6GF3560-0HE10)
Siemens / SIMATIC MV560 X (6GF3560-0HE10)
|
6GF3560-0HE10
|
<V3.1 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
SINEMA Remote Connect Server
Siemens / SINEMA Remote Connect Server
|
<V3.0_SP1 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
|
SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0)
Siemens / SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0)
|
6AG2542-6VX00-4XE0
|
>=V2.0_<V2.2.28 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0)
Siemens / SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0)
|
6AG1543-6WX00-7XE0
|
>=V2.0_<V2.2.28 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0)
Siemens / SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0)
|
6AG2543-6WX00-4XE0
|
>=V2.0_<V2.2.28 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0)
Siemens / SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0)
|
6AG1242-7KX31-7XE0
|
>=V3.1.39_<V3.3 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0)
Siemens / SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0)
|
6AG1243-1BX30-2AX0
|
>=V3.1.39_and_<V3.3.46 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0)
Siemens / SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0)
|
6AG2243-1BX30-1XE0
|
>=V3.1.39_and_<V3.3.46 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0)
Siemens / SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0)
|
6AG1543-1MX00-7XE0
|
<V2.2_Update_1 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
|
TIM 1531 IRC (6GK7543-1MX00-0XE0)
Siemens / TIM 1531 IRC (6GK7543-1MX00-0XE0)
|
6GK7543-1MX00-0XE0
|
<V2.2_Update_1 |
Mitigation
Mitigation
Mitigation
Vendor Fix
fix
|
References
11 references
Acknowledgments
Siemens ProductCERT
{
"document": {
"acknowledgments": [
{
"organization": "Siemens ProductCERT",
"summary": "reporting this vulnerability to CISA."
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"notes": [
{
"category": "summary",
"text": "A vulnerability made public under the name SAD DNS affects Domain Name \nSystem resolvers due to a vulnerability in the Linux kernel when \nhandling ICMP packets. The Siemens products which are affected\nare listed below. For more information please see \nhttps://www.saddns.net/.\nSiemens has released updates for the affected products and recommends to update to the latest versions.",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "Siemens Security Advisories are subject to the terms and conditions contained in Siemens\u0027 underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens\u0027 Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.",
"title": "Terms of Use"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "other",
"text": "This CISA CSAF advisory was converted from Siemens ProductCERT\u0027s CSAF advisory.",
"title": "Advisory Conversion Disclaimer"
},
{
"category": "other",
"text": "Multiple",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Germany",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the exploitation risk of these vulnerabilities.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Locate control system networks and remote devices behind firewalls and isolate them from business networks.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "other",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "SSA-324955: SAD DNS Attack in Linux Based Products - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-324955.json"
},
{
"category": "self",
"summary": "SSA-324955: SAD DNS Attack in Linux Based Products - TXT Version",
"url": "https://cert-portal.siemens.com/productcert/txt/ssa-324955.txt"
},
{
"category": "self",
"summary": "SSA-324955: SAD DNS Attack in Linux Based Products - PDF Version",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-324955.pdf"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-21-131-03 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2021/icsa-21-131-03.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-21-131-03 - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-131-03"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
}
],
"title": "Siemens Linux-based Products (Update J)",
"tracking": {
"current_release_date": "2023-03-14T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-21-131-03",
"initial_release_date": "2021-05-11T00:00:00.000000Z",
"revision_history": [
{
"date": "2021-05-11T00:00:00.000000Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
},
{
"date": "2021-06-08T00:00:00.000000Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Added solution for TIM 1531 IRC"
},
{
"date": "2021-07-13T00:00:00.000000Z",
"legacy_version": "1.2",
"number": "3",
"summary": "Added solution for SIMATIC NET CP 1243-7 LTE EU and SIMATIC NET CP 1243-7 LTE US"
},
{
"date": "2021-08-10T00:00:00.000000Z",
"legacy_version": "1.3",
"number": "4",
"summary": "Added solution for SIMATIC NET CP 1543-1"
},
{
"date": "2021-09-14T00:00:00.000000Z",
"legacy_version": "1.4",
"number": "5",
"summary": "Errata: Removed solution for TIM 1531 IRC as V2.2 did not fix the issue"
},
{
"date": "2021-10-12T00:00:00.000000Z",
"legacy_version": "1.5",
"number": "6",
"summary": "Corrected wrong product name SIMATIC CP 1243-7 to SIMATIC CP 1242-7 GPRS V2, updated solution for SIMATIC CP 1243-7 LTE, added solution for SIMATIC CP 1242-7 GPRS V2 and SCALANCE W1750D"
},
{
"date": "2021-11-09T00:00:00.000000Z",
"legacy_version": "1.6",
"number": "7",
"summary": "Added solution for SIMATIC Cloud Connect 7 and TIM 1531 IRC, split TIM 1531 IRC into individual products, split SIMATIC Cloud Connect 7 into individual products"
},
{
"date": "2021-12-14T00:00:00.000000Z",
"legacy_version": "1.7",
"number": "8",
"summary": "Added solution for the SIMATIC MV500 family products"
},
{
"date": "2022-06-14T00:00:00.000000Z",
"legacy_version": "1.8",
"number": "9",
"summary": "Added fix for SIMATIC CP 1545-1"
},
{
"date": "2022-08-09T00:00:00.000000Z",
"legacy_version": "1.9",
"number": "10",
"summary": "Added fix for SIMATIC CP 1243-1 and CP 1243-8 IRC"
},
{
"date": "2023-03-14T00:00:00.000000Z",
"legacy_version": "2.0",
"number": "11",
"summary": "Added fix for SIMATIC CP 1542SP-1, SIMATIC CP 1542SP-1 IRC, and SIMATIC CP 1543SP-1"
}
],
"status": "final",
"version": "11"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=V5.0_and_\u003cV6.4",
"product": {
"name": "RUGGEDCOM RM1224 family (6GK6108-4AM00)",
"product_id": "CSAFPID-0001",
"product_identification_helper": {
"model_numbers": [
"6GK6108-4AM00"
]
}
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RM1224 family (6GK6108-4AM00)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=V5.0_and_\u003cV6.4",
"product": {
"name": "SCALANCE M-800 family",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "SCALANCE M-800 family"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=V5.0_and_\u003cV6.4",
"product": {
"name": "SCALANCE S615 (6GK5615-0AA00-2AA2)",
"product_id": "CSAFPID-0003",
"product_identification_helper": {
"model_numbers": [
"6GK5615-0AA00-2AA2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE S615 (6GK5615-0AA00-2AA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV2.1.3",
"product": {
"name": "SCALANCE SC-600 family",
"product_id": "CSAFPID-0004"
}
}
],
"category": "product_name",
"name": "SCALANCE SC-600 family"
},
{
"branches": [
{
"category": "product_version_range",
"name": "8.3.0.1|8.6.0|8.7.0",
"product": {
"name": "SCALANCE W1750D",
"product_id": "CSAFPID-0005"
}
}
],
"category": "product_name",
"name": "SCALANCE W1750D"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c\u003e_V1.0_and_V1.6",
"product": {
"name": "SIMATIC Cloud Connect 7 CC712 (6GK1411-1AC00)",
"product_id": "CSAFPID-0006",
"product_identification_helper": {
"model_numbers": [
"6GK1411-1AC00"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC Cloud Connect 7 CC712 (6GK1411-1AC00)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c\u003e_V1.0_and_V1.6",
"product": {
"name": "SIMATIC Cloud Connect 7 CC716 (6GK1411-5AC00)",
"product_id": "CSAFPID-0007",
"product_identification_helper": {
"model_numbers": [
"6GK1411-5AC00"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC Cloud Connect 7 CC716 (6GK1411-5AC00)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=V3.1.39_\u003cV3.3",
"product": {
"name": "SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0)",
"product_id": "CSAFPID-0008",
"product_identification_helper": {
"model_numbers": [
"6GK7242-7KX31-0XE0"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=V3.1.39_and_\u003cV3.3.46",
"product": {
"name": "SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0)",
"product_id": "CSAFPID-0009",
"product_identification_helper": {
"model_numbers": [
"6GK7243-1BX30-0XE0"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=V3.1.39_and_\u003cV3.3",
"product": {
"name": "SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0)",
"product_id": "CSAFPID-0010",
"product_identification_helper": {
"model_numbers": [
"6GK7243-7KX30-0XE0"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=V3.1.39_and_\u003cV3.3",
"product": {
"name": "SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0)",
"product_id": "CSAFPID-0011",
"product_identification_helper": {
"model_numbers": [
"6GK7243-7SX30-0XE0"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=V3.1.39_and_\u003cV3.3.46",
"product": {
"name": "SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0)",
"product_id": "CSAFPID-0012",
"product_identification_helper": {
"model_numbers": [
"6GK7243-8RX30-0XE0"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=V2.0_\u003cV2.2.28",
"product": {
"name": "SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0)",
"product_id": "CSAFPID-0013",
"product_identification_helper": {
"model_numbers": [
"6GK7542-6UX00-0XE0"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=V2.0_\u003cV2.2.28",
"product": {
"name": "SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0)",
"product_id": "CSAFPID-0014",
"product_identification_helper": {
"model_numbers": [
"6GK7542-6VX00-0XE0"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=V2.2_and_\u003cV3.0",
"product": {
"name": "SIMATIC CP 1543-1 (incl. SIPLUS variants)",
"product_id": "CSAFPID-0015"
}
}
],
"category": "product_name",
"name": "SIMATIC CP 1543-1 (incl. SIPLUS variants)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=V2.0_\u003cV2.2.28",
"product": {
"name": "SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0)",
"product_id": "CSAFPID-0016",
"product_identification_helper": {
"model_numbers": [
"6GK7543-6WX00-0XE0"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV1.1",
"product": {
"name": "SIMATIC CP 1545-1 (6GK7545-1GX00-0XE0)",
"product_id": "CSAFPID-0017",
"product_identification_helper": {
"model_numbers": [
"6GK7545-1GX00-0XE0"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC CP 1545-1 (6GK7545-1GX00-0XE0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV3.1",
"product": {
"name": "SIMATIC MV540 H (6GF3540-0GE10)",
"product_id": "CSAFPID-0018",
"product_identification_helper": {
"model_numbers": [
"6GF3540-0GE10"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC MV540 H (6GF3540-0GE10)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV3.1",
"product": {
"name": "SIMATIC MV540 S (6GF3540-0CD10)",
"product_id": "CSAFPID-0019",
"product_identification_helper": {
"model_numbers": [
"6GF3540-0CD10"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC MV540 S (6GF3540-0CD10)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV3.1",
"product": {
"name": "SIMATIC MV550 H (6GF3550-0GE10)",
"product_id": "CSAFPID-0020",
"product_identification_helper": {
"model_numbers": [
"6GF3550-0GE10"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC MV550 H (6GF3550-0GE10)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV3.1",
"product": {
"name": "SIMATIC MV550 S (6GF3550-0CD10)",
"product_id": "CSAFPID-0021",
"product_identification_helper": {
"model_numbers": [
"6GF3550-0CD10"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC MV550 S (6GF3550-0CD10)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV3.1",
"product": {
"name": "SIMATIC MV560 U (6GF3560-0LE10)",
"product_id": "CSAFPID-0022",
"product_identification_helper": {
"model_numbers": [
"6GF3560-0LE10"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC MV560 U (6GF3560-0LE10)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV3.1",
"product": {
"name": "SIMATIC MV560 X (6GF3560-0HE10)",
"product_id": "CSAFPID-0023",
"product_identification_helper": {
"model_numbers": [
"6GF3560-0HE10"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC MV560 X (6GF3560-0HE10)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV3.0_SP1",
"product": {
"name": "SINEMA Remote Connect Server",
"product_id": "CSAFPID-0024"
}
}
],
"category": "product_name",
"name": "SINEMA Remote Connect Server"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=V2.0_\u003cV2.2.28",
"product": {
"name": "SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0)",
"product_id": "CSAFPID-0025",
"product_identification_helper": {
"model_numbers": [
"6AG2542-6VX00-4XE0"
]
}
}
}
],
"category": "product_name",
"name": "SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=V2.0_\u003cV2.2.28",
"product": {
"name": "SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0)",
"product_id": "CSAFPID-0026",
"product_identification_helper": {
"model_numbers": [
"6AG1543-6WX00-7XE0"
]
}
}
}
],
"category": "product_name",
"name": "SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=V2.0_\u003cV2.2.28",
"product": {
"name": "SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0)",
"product_id": "CSAFPID-0027",
"product_identification_helper": {
"model_numbers": [
"6AG2543-6WX00-4XE0"
]
}
}
}
],
"category": "product_name",
"name": "SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=V3.1.39_\u003cV3.3",
"product": {
"name": "SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0)",
"product_id": "CSAFPID-0028",
"product_identification_helper": {
"model_numbers": [
"6AG1242-7KX31-7XE0"
]
}
}
}
],
"category": "product_name",
"name": "SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=V3.1.39_and_\u003cV3.3.46",
"product": {
"name": "SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0)",
"product_id": "CSAFPID-0029",
"product_identification_helper": {
"model_numbers": [
"6AG1243-1BX30-2AX0"
]
}
}
}
],
"category": "product_name",
"name": "SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=V3.1.39_and_\u003cV3.3.46",
"product": {
"name": "SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0)",
"product_id": "CSAFPID-0030",
"product_identification_helper": {
"model_numbers": [
"6AG2243-1BX30-1XE0"
]
}
}
}
],
"category": "product_name",
"name": "SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV2.2_Update_1",
"product": {
"name": "SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0)",
"product_id": "CSAFPID-0031",
"product_identification_helper": {
"model_numbers": [
"6AG1543-1MX00-7XE0"
]
}
}
}
],
"category": "product_name",
"name": "SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV2.2_Update_1",
"product": {
"name": "TIM 1531 IRC (6GK7543-1MX00-0XE0)",
"product_id": "CSAFPID-0032",
"product_identification_helper": {
"model_numbers": [
"6GK7543-1MX00-0XE0"
]
}
}
}
],
"category": "product_name",
"name": "TIM 1531 IRC (6GK7543-1MX00-0XE0)"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-25705",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"notes": [
{
"category": "summary",
"text": "A flaw in ICMP packets in the Linux kernel was found to allow to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well. Kernel versions before 5.10 may be vulnerable to this issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Use name servers inside corporate environments",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032"
]
},
{
"category": "mitigation",
"details": "Restrict access of CLI and web-based management interfaces for the affected devices to a dedicated layer 2 segment/VLAN and/or controlled by firewall policies at layer 3 where possible",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032"
]
},
{
"category": "mitigation",
"details": "Disable outgoing ICMP packets by using \"service ACLs\" to implement blocking rules",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032"
]
},
{
"category": "vendor_fix",
"details": "Update to V2.2.28 or later version",
"product_ids": [
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0016",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109817067/"
},
{
"category": "vendor_fix",
"details": "Update to V6.4 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109794349/"
},
{
"category": "vendor_fix",
"details": "Update to V3.0 SP1 or later version",
"product_ids": [
"CSAFPID-0024"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109793790/"
},
{
"category": "vendor_fix",
"details": "Update to V2.1.3 or later version",
"product_ids": [
"CSAFPID-0004"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109793041/"
},
{
"category": "vendor_fix",
"details": "Update to V8.7.1.3 or later version",
"product_ids": [
"CSAFPID-0005"
],
"url": "https://support.industry.siemens.com/cs/de/en/view/109802805/"
},
{
"category": "vendor_fix",
"details": "Update to V3.3 or later version",
"product_ids": [
"CSAFPID-0010",
"CSAFPID-0011"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109799584/"
},
{
"category": "vendor_fix",
"details": "Update to V3.3.46 or later version",
"product_ids": [
"CSAFPID-0009",
"CSAFPID-0012",
"CSAFPID-0029",
"CSAFPID-0030"
],
"url": "https://support.industry.siemens.com/cs/us/en/view/109812218/"
},
{
"category": "vendor_fix",
"details": "Update to V3.0 or later version",
"product_ids": [
"CSAFPID-0015"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109800773"
},
{
"category": "vendor_fix",
"details": "Update to V1.1 or later version",
"product_ids": [
"CSAFPID-0017"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109811116/"
},
{
"category": "vendor_fix",
"details": "Update to V2.2 Update 1 or later version",
"product_ids": [
"CSAFPID-0031",
"CSAFPID-0032"
],
"url": "https://support.industry.siemens.com/cs/de/en/view/109803672/"
},
{
"category": "vendor_fix",
"details": "Update to V1.6 or later version",
"product_ids": [
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109803418/"
},
{
"category": "vendor_fix",
"details": "Update to V3.1 or later version",
"product_ids": [
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023"
],
"url": "https://support.industry.siemens.com/cs/de/en/view/109804366"
},
{
"category": "vendor_fix",
"details": "Update to V3.3 or later version",
"product_ids": [
"CSAFPID-0008",
"CSAFPID-0028"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109799604/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032"
]
}
],
"title": "CVE-2020-25705"
}
]
}
ICSA-24-074-07
Vulnerability from csaf_cisa - Published: 2024-03-14 06:00 - Updated: 2024-03-14 06:00Summary
Siemens SIMATIC
Notes
Legal Notice: All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation: Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code within the context of a privileged process.
Critical infrastructure sectors: Critical Manufacturing
Countries/areas deployed: Worldwide
Company headquarters location: Germany
Recommended Practices: CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices: CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices: CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.
Recommended Practices: Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices: Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
Recommended Practices: CISA also recommends users take the following measures to protect themselves from social engineering attacks:
Recommended Practices: Do not click web links or open attachments in unsolicited email messages.
Recommended Practices: Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.
Recommended Practices: Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.
Recommended Practices: No known public exploitation specifically targeting these vulnerabilities has been reported to CISA at this time.
8.1 (High)
7.8 (High)
5.0 (Medium)
7.8 (High)
5.5 (Medium)
7.5 (High)
8.1 (High)
7.8 (High)
6.7 (Medium)
CWE-326
- Inadequate Encryption Strength
7.4 (High)
5.4 (Medium)
4.2 (Medium)
4.4 (Medium)
7.8 (High)
7.8 (High)
7.8 (High)
8.8 (High)
7.5 (High)
7.8 (High)
7.8 (High)
7.8 (High)
7.8 (High)
7.3 (High)
7.3 (High)
7.8 (High)
7.8 (High)
7.8 (High)
7.8 (High)
7.5 (High)
7.8 (High)
7.8 (High)
7.8 (High)
7.8 (High)
5.5 (Medium)
9.8 (Critical)
9.8 (Critical)
7.8 (High)
5.5 (Medium)
7.8 (High)
7.5 (High)
8.0 (High)
7.3 (High)
7.5 (High)
5.5 (Medium)
7.8 (High)
7.8 (High)
4.7 (Medium)
5.5 (Medium)
5.5 (Medium)
8.8 (High)
9.8 (Critical)
7.0 (High)
7.8 (High)
5.5 (Medium)
7.8 (High)
5.5 (Medium)
7.3 (High)
8.8 (High)
7.0 (High)
7.0 (High)
7.8 (High)
7.8 (High)
7.8 (High)
7.8 (High)
8.1 (High)
9.8 (Critical)
9.8 (Critical)
7.8 (High)
7.0 (High)
5.5 (Medium)
7.5 (High)
5.5 (Medium)
6.7 (Medium)
7.8 (High)
7.8 (High)
5.5 (Medium)
7.8 (High)
7.3 (High)
7.8 (High)
8.0 (High)
7.5 (High)
5.5 (Medium)
7.3 (High)
5.5 (Medium)
7.8 (High)
5.5 (Medium)
5.5 (Medium)
7.8 (High)
5.5 (Medium)
5.5 (Medium)
7.8 (High)
6.5 (Medium)
5.5 (Medium)
7.8 (High)
5.5 (Medium)
5.5 (Medium)
7.8 (High)
7.8 (High)
5.0 (Medium)
7.0 (High)
5.5 (Medium)
6.5 (Medium)
7.8 (High)
5.5 (Medium)
5.5 (Medium)
5.5 (Medium)
7.8 (High)
8.1 (High)
5.0 (Medium)
6.4 (Medium)
7.8 (High)
7.8 (High)
7.8 (High)
8.8 (High)
5.5 (Medium)
8.0 (High)
5.0 (Medium)
7.8 (High)
4.4 (Medium)
7.1 (High)
6.5 (Medium)
8.8 (High)
8.8 (High)
8.8 (High)
7.8 (High)
9.8 (Critical)
9.8 (Critical)
5.5 (Medium)
7.8 (High)
6.8 (Medium)
7.8 (High)
9.8 (Critical)
7.8 (High)
7.8 (High)
7.0 (High)
5.5 (Medium)
7.8 (High)
9.8 (Critical)
9.8 (Critical)
5.5 (Medium)
9.8 (Critical)
5.5 (Medium)
8.8 (High)
7.8 (High)
7.0 (High)
4.6 (Medium)
7.8 (High)
5.5 (Medium)
6.5 (Medium)
8.8 (High)
9.8 (Critical)
9.8 (Critical)
5.5 (Medium)
7.5 (High)
4.4 (Medium)
5.5 (Medium)
References
198 references
Acknowledgments
Siemens
{
"document": {
"acknowledgments": [
{
"organization": "Siemens",
"summary": "reporting these vulnerabilities to CISA"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code within the context of a privileged process.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Critical Manufacturing",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Germany",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also recommends users take the following measures to protect themselves from social engineering attacks:",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Do not click web links or open attachments in unsolicited email messages.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "No known public exploitation specifically targeting these vulnerabilities has been reported to CISA at this time.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-24-074-07 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2024/icsa-24-074-07.json"
},
{
"category": "self",
"summary": "ICSA Advisory ICSA-24-074-07 - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-07"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/sites/default/files/publications/emailscams0905.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ncas/tips/ST04-014"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
}
],
"title": "Siemens SIMATIC",
"tracking": {
"current_release_date": "2024-03-14T06:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-24-074-07",
"initial_release_date": "2024-03-14T06:00:00.000000Z",
"revision_history": [
{
"date": "2024-03-14T06:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "Initial Publication"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV2.2",
"product": {
"name": "Siemens SIMATIC RF160B (6GT2003-0FA00): \u003cV2.2",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "SIMATIC RF160B (6GT2003-0FA00)"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-14491",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "summary",
"text": "An attacker could cause a crash or potentially execute arbitrary code by sending specially crafted DNS responses to the DNSmasq process. In order to exploit this vulnerability, an attacker must be able to trigger DNS requests from the device, and must be in a privileged position to inject malicious DNS responses.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-14491"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2017-18509",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in net/ipv6/ip6mr.c in the Linux kernel before 4.11. By setting a specific socket option, an attacker can control a pointer in kernel land and cause an inet_csk_listen_stop general protection fault, or potentially execute arbitrary code under certain circumstances. The issue can be triggered as root (e.g., inside a default LXC container or with the CAP_NET_ADMIN capability) or after namespace unsharing. This occurs because sk_type and protocol are not checked in the appropriate part of the ip6_mroute_* functions. NOTE: this affects Linux distributions that use 4.9.x longterm kernels before 4.9.187.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18509"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2020-0338",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In checkKeyIntent of AccountManagerService.java, there is a possible permission bypass. This could lead to local information disclosure with User execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-9 Android ID: A-123700107",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0338"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2020-0417",
"cwe": {
"id": "CWE-732",
"name": "Incorrect Permission Assignment for Critical Resource"
},
"notes": [
{
"category": "summary",
"text": "In setNiNotification of GpsNetInitiatedHandler.java, there is a possible permissions bypass due to an empty mutable PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-8.1, Android-9 Android ID: A-154319182",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0417"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2020-10768",
"cwe": {
"id": "CWE-440",
"name": "Expected Behavior Violation"
},
"notes": [
{
"category": "summary",
"text": "A flaw was found in the Linux Kernel before 5.8-rc1 in the prctl() function, where it can be used to enable indirect branch speculation after it has been disabled. This call incorrectly reports it as being \u0027force disabled\u0027 when it is not and opens the system to Spectre v2 attacks. The highest threat from this vulnerability is to confidentiality.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10768"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2020-11301",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"notes": [
{
"category": "summary",
"text": "Improper authentication of un-encrypted plaintext Wi-Fi frames in an encrypted network can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11301"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2020-14305",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "An out-of-bounds memory write flaw was found in how the Linux kernel\u0027s Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port 1720. This flaw allows an unauthenticated remote user to crash the system, causing a denial of service. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14305"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2020-14381",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "A flaw was found in the Linux kernel\u0027s futex implementation. This flaw allows a local attacker to corrupt system memory or escalate their privileges when creating a futex on a filesystem that is about to be unmounted. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14381"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2020-15436",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15436"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2020-24587",
"cwe": {
"id": "CWE-326",
"name": "Inadequate Encryption Strength"
},
"notes": [
{
"category": "summary",
"text": "The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn\u0027t require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24587"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.6,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2020-25705",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"notes": [
{
"category": "summary",
"text": "A flaw in ICMP packets in the Linux kernel was found to allow to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well. Kernel versions before 5.10 may be vulnerable to this issue.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25705"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2020-26555",
"cwe": {
"id": "CWE-863",
"name": "Incorrect Authorization"
},
"notes": [
{
"category": "summary",
"text": "Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26555"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2020-26558",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"notes": [
{
"category": "summary",
"text": "Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evidence of the initiating device, potentially permitting this attacker to complete authenticated pairing with the responding device using the correct Passkey for the pairing session. The attack methodology determines the Passkey value one bit at a time.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26558"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2020-29660",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29660"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2020-29661",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29661"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0302",
"cwe": {
"id": "CWE-1021",
"name": "Improper Restriction of Rendered UI Layers or Frames"
},
"notes": [
{
"category": "summary",
"text": "In PackageInstaller, there is a possible tapjacking attack due to an insecure default value. This could lead to local escalation of privilege and permissions with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.1 Android-9 Android-10Android ID: A-155287782",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0302"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0305",
"cwe": {
"id": "CWE-1021",
"name": "Improper Restriction of Rendered UI Layers or Frames"
},
"notes": [
{
"category": "summary",
"text": "In PackageInstaller, there is a possible tapjacking attack due to an insecure default value. This could lead to local escalation of privilege and permissions with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10 Android ID: A-154015447",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0305"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0325",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "In ih264d_parse_pslice of ih264d_parse_pslice.c, there is a possible out-of-bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-174238784",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0325"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0326",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "In p2p_copy_client_info of p2p.c, there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote code execution if the target device is performing a Wi-Fi direct search, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-8.1, Android-9 Android ID: A-172937525",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0326"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0327",
"cwe": {
"id": "CWE-269",
"name": "Improper Privilege Management"
},
"notes": [
{
"category": "summary",
"text": "In getContentProviderImpl of ActivityManagerService.java, there is a possible permission bypass due to non-restored binder identities. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-172935267",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0327"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0328",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "summary",
"text": "In onBatchScanReports and deliverBatchScan of GattService.java, there is a possible way to retrieve Bluetooth scan results without permissions due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-8.1, Android-9 Android ID: A-172670415",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0328"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0329",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "In several native functions called by AdvertiseManager.java, there is a possible out-of-bounds write due to a missing bounds check. This could lead to local escalation of privilege in the Bluetooth server with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-171400004",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0329"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0330",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In add_user_ce and remove_user_ce of storaged.cpp, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in storaged with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11 Android ID: A-170732441",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0330"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0331",
"cwe": {
"id": "CWE-1021",
"name": "Improper Restriction of Rendered UI Layers or Frames"
},
"notes": [
{
"category": "summary",
"text": "In onCreate of NotificationAccessConfirmationActivity.java, there is a possible overlay attack due to an insecure default value. This could lead to local escalation of privilege and notification access with User execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-170731783",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0331"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0333",
"cwe": {
"id": "CWE-1021",
"name": "Improper Restriction of Rendered UI Layers or Frames"
},
"notes": [
{
"category": "summary",
"text": "In onCreate of BluetoothPermissionActivity.java, there is a possible permissions bypass due to a tapjacking overlay that obscures the phonebook permissions dialog when a Bluetooth device is connecting. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-168504491",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0333"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0334",
"cwe": {
"id": "CWE-732",
"name": "Incorrect Permission Assignment for Critical Resource"
},
"notes": [
{
"category": "summary",
"text": "In onTargetSelected of ResolverActivity.java, there is a possible settings bypass allowing an app to become the default handler for arbitrary domains. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-163358811",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0334"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0336",
"cwe": {
"id": "CWE-732",
"name": "Incorrect Permission Assignment for Critical Resource"
},
"notes": [
{
"category": "summary",
"text": "In onReceive of BluetoothPermissionRequest.java, there is a possible permissions bypass due to a mutable PendingIntent. This could lead to local escalation of privilege that bypasses a permission check, with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-158219161",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0336"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0337",
"cwe": {
"id": "CWE-312",
"name": "Cleartext Storage of Sensitive Information"
},
"notes": [
{
"category": "summary",
"text": "In moveInMediaStore of FileSystemProvider.java, there is a possible file exposure due to stale metadata. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-157474195",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0337"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0339",
"cwe": {
"id": "CWE-754",
"name": "Improper Check for Unusual or Exceptional Conditions"
},
"notes": [
{
"category": "summary",
"text": "In loadAnimation of WindowContainer.java, there is a possible way to keep displaying a malicious app while a target app is brought to the foreground. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-8.1, Android-9 Android ID: A-145728687",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0339"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0341",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "summary",
"text": "In verifyHostName of OkHostnameVerifier.java, there is a possible way to accept a certificate for the wrong domain due to improperly used crypto. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-171980069",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0341"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0390",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "summary",
"text": "In various methods of WifiNetworkSuggestionsManager.java, there is a possible modification of suggested networks due to a missing permission check. This could lead to local escalation of privilege by a background user on the same device with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-174749461",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0390"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0391",
"cwe": {
"id": "CWE-1021",
"name": "Improper Restriction of Rendered UI Layers or Frames"
},
"notes": [
{
"category": "summary",
"text": "In onCreate() of ChooseTypeAndAccountActivity.java, there is a possible way to learn the existence of an account, without permissions, due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-172841550",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0391"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0392",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "summary",
"text": "In main of main.cpp, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-9 Android ID: A-175124730",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0392"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0393",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "summary",
"text": "In Scanner::LiteralBuffer::NewCapacity of scanner.cc, there is a possible out-of-bounds write due to an integer overflow. This could lead to remote code execution if an attacker can supply a malicious PAC file, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-168041375",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0393"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0394",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "In android_os_Parcel_readString8 of android_os_Parcel.cpp, there is a possible out-of-bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-172655291",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0394"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0396",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "In Builtins::Generate_ArgumentsAdaptorTrampoline of builtins-arm.cc and related files, there is a possible out-of-bounds write due to an incorrect bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-160610106",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0396"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0397",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "summary",
"text": "In sdp_copy_raw_data of sdp_discovery.cc, there is a possible system compromise due to a double free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-174052148",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0397"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0399",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In qtaguid_untag of xt_qtaguid.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-176919394References: Upstream kernel",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0399"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0400",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In injectBestLocation and handleUpdateLocation of GnssLocationProvider.java, there is a possible incorrect reporting of location data to emergency services due to improper input validation. This could lead to incorrect reporting of location data to emergency services with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11 Android ID: A-177561690",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0400"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0429",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In pollOnce of ALooper.cpp, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-175074139",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0429"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0431",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "In avrc_msg_cback of avrc_api.cc, there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote information disclosure to a paired device with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-174149901",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0431"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0433",
"cwe": {
"id": "CWE-1021",
"name": "Improper Restriction of Rendered UI Layers or Frames"
},
"notes": [
{
"category": "summary",
"text": "In onCreate of DeviceChooserActivity.java, there is a possible way to bypass user consent when pairing a Bluetooth device due to a tapjacking/overlay attack. This could lead to local escalation of privilege and pairing malicious devices with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-171221090",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0433"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0434",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In onReceive of BluetoothPermissionRequest.java, a phishing attack is possible allowing a malicious Bluetooth device to acquire permissions based on insufficient information presented to the user in the consent dialog. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-9 Android ID: A-167403112",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0434"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0435",
"cwe": {
"id": "CWE-665",
"name": "Improper Initialization"
},
"notes": [
{
"category": "summary",
"text": "In avrc_proc_vendor_command of avrc_api.cc, there is a possible leak of heap data due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-174150451",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0435"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0436",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "summary",
"text": "In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out-of-bounds read due to integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-176496160",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0436"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0437",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "summary",
"text": "In setPlayPolicy of DrmPlugin.cpp, there is a possible double free. This could lead to local escalation of privilege in a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-176168330",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0437"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0438",
"cwe": {
"id": "CWE-1021",
"name": "Improper Restriction of Rendered UI Layers or Frames"
},
"notes": [
{
"category": "summary",
"text": "In several functions of InputDispatcher.cpp, WindowManagerService.java, and related files, there is a possible tapjacking attack due to an incorrect FLAG_OBSCURED value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10 Android ID: A-152064592",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0438"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0443",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In several functions of ScreenshotHelper.java and related files, there is a possible incorrectly saved screenshot due to a race condition. This could lead to local information disclosure across user profiles with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-170474245",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0443"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0444",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In onActivityResult of QuickContactActivity.java, there is an unnecessary return of an intent. This could lead to local information disclosure of contact data with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-178825358",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0444"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0471",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "summary",
"text": "In decrypt_1_2 of CryptoPlugin.cpp, there is a possible out-of-bounds read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-176444786",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0471"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0473",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "summary",
"text": "In rw_t3t_process_error of rw_t3t.cc, there is a possible double free due to uninitialized data. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-179687208",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0473"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0474",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "In avrc_msg_cback of avrc_api.cc, there is a possible out-of-bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-177611958",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0474"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0476",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In FindOrCreatePeer of btif_av.cc, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-9, Android-10 Android ID: A-169252501",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0476"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0478",
"cwe": {
"id": "CWE-755",
"name": "Improper Handling of Exceptional Conditions"
},
"notes": [
{
"category": "summary",
"text": "In updateDrawable of StatusBarIconView.java, there is a possible permission bypass due to an uncaught exception. This could lead to local escalation of privilege by running foreground services without notifying the user, with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-8.1, Android-9 Android ID: A-169255797",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0478"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0480",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In createPendingIntent of SnoozeHelper.java, there is a possible broadcast intent containing a sensitive identifier. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-8.1, Android-9 Android ID: A-174493336",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0480"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0481",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In onActivityResult of EditUserPhotoController.java, there is a possible access of unauthorized files due to an unexpected URI handler. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-172939189",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0481"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0484",
"cwe": {
"id": "CWE-909",
"name": "Missing Initialization of Resource"
},
"notes": [
{
"category": "summary",
"text": "In readVector of IMediaPlayer.cpp, there is a possible read of uninitialized heap data due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-173720767",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0484"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0506",
"cwe": {
"id": "CWE-1021",
"name": "Improper Restriction of Rendered UI Layers or Frames"
},
"notes": [
{
"category": "summary",
"text": "In ActivityPicker.java, there is a possible bypass of user interaction in intent resolution due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-8.1, Android-9 Android ID: A-181962311",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0506"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0507",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "In handle_rc_metamsg_cmd of btif_rc.cc, there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-181860042",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0507"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0508",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In various functions of DrmPlugin.cpp, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-176444154",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0508"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0509",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In various functions of CryptoPlugin.cpp, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-176444161",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0509"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0510",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "summary",
"text": "In decrypt_1_2 of CryptoPlugin.cpp, there is a possible out-of-bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-176444622",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0510"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0511",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In Dex2oat of dex2oat.cc, there is a possible way to inject bytecode into an app due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11 Android ID: A-178055795",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0511"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0512",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "In __hidinput_change_resolution_multipliers of hid-input.c, there is a possible out-of-bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-173843328References: Upstream kernel",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0512"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0513",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "summary",
"text": "In deleteNotificationChannel and related functions of NotificationManagerService.java, there is a possible permission bypass due to improper state validation. This could lead to local escalation of privilege via hidden services with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-156090809",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0513"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0514",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In several functions of the V8 library, there is a possible use after free due to a race condition. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-9, Android-11, Android-8.1 Android ID: A-162604069",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0514"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0515",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "In Factory::CreateStrictFunctionMap of factory.cc, there is a possible out-of-bounds write due to an incorrect bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-167389063",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0515"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0516",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In p2p_process_prov_disc_req of p2p_pd.c, there is a possible out-of-bounds read and write due to a use after free. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-181660448",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0516"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0519",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "In BITSTREAM_FLUSH of ih264e_bitstream.h, there is a possible out-of-bounds write due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-8.1, Android-9 Android ID: A-176533109",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0519"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0520",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In several functions of MemoryFileSystem.cpp and related files, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-10 Android ID: A-176237595",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0520"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0521",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "summary",
"text": "In getAllPackages of PackageManagerService, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure of cross-user permissions with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-174661955",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0521"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0522",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In ConnectionHandler::SdpCb of connection_handler.cc, there is a possible out-of-bounds read due to a use after free. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-9, Android-10 Android ID: A-174182139",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0522"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0584",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "In verifyBufferObject of Parcel.cpp, there is a possible out-of-bounds read due to an improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-179289794",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0584"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0585",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "In beginWrite and beginRead of MessageQueueBase.h, there is a possible out-of-bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-184963385",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0585"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0586",
"cwe": {
"id": "CWE-1021",
"name": "Improper Restriction of Rendered UI Layers or Frames"
},
"notes": [
{
"category": "summary",
"text": "In onCreate of DevicePickerFragment.java, there is a possible way to trick the user to select an unwanted bluetooth device due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-182584940",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0586"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0587",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In StreamOut::prepareForWriting of StreamOut.cpp, there is a possible out-of-bounds write due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-185259758",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0587"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0588",
"cwe": {
"id": "CWE-668",
"name": "Exposure of Resource to Wrong Sphere"
},
"notes": [
{
"category": "summary",
"text": "In processInboundMessage of MceStateMachine.java, there is a possible SMS disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9 Android ID: A-177238342",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0588"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0589",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "In BTM_TryAllocateSCN of btm_scn.cc, there is a possible out-of-bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-180939982",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0589"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0591",
"cwe": {
"id": "CWE-610",
"name": "Externally Controlled Reference to a Resource in Another Sphere"
},
"notes": [
{
"category": "summary",
"text": "In sendReplyIntentToReceiver of BluetoothPermissionActivity.java, there is a possible way to invoke privileged broadcast receivers due to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-179386960",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0591"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0593",
"cwe": {
"id": "CWE-610",
"name": "Externally Controlled Reference to a Resource in Another Sphere"
},
"notes": [
{
"category": "summary",
"text": "In sendDevicePickedIntent of DevicePickerFragment.java, there is a possible way to invoke a privileged broadcast receiver due to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-8.1, Android-9 Android ID: A-179386068",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0593"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0594",
"cwe": {
"id": "CWE-74",
"name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In onCreate of ConfirmConnectActivity, there is a possible remote bypass of user consent due to improper input validation. This could lead to remote (proximal, NFC) escalation of privilege allowing an attacker to deceive a user into allowing a Bluetooth connection with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-176445224",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0594"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0596",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "In phNciNfc_RecvMfResp of phNxpExtns_MifareStd.cpp, there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote information disclosure over NFC with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-181346550",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0596"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0597",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "summary",
"text": "In notifyProfileAdded and notifyProfileRemoved of SipService.java, there is a possible way to retrieve SIP account names due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-176496502",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0597"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0598",
"cwe": {
"id": "CWE-1021",
"name": "Improper Restriction of Rendered UI Layers or Frames"
},
"notes": [
{
"category": "summary",
"text": "In onCreate of ConfirmConnectActivity.java, there is a possible pairing of untrusted Bluetooth devices due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-180422108",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0598"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0599",
"cwe": {
"id": "CWE-610",
"name": "Externally Controlled Reference to a Resource in Another Sphere"
},
"notes": [
{
"category": "summary",
"text": "In scheduleTimeoutLocked of NotificationRecord.java, there is a possible disclosure of a sensitive identifier via broadcasted intent due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-175614289",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0599"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0600",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In onCreate of DeviceAdminAdd.java, there is a possible way to mislead a user to activate a device admin app due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-179042963",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0600"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0601",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "summary",
"text": "In encodeFrames of avc_enc_fuzzer.cpp, there is a possible out-of-bounds write due to a double free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-8.1, Android-9 Android ID: A-180643802",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0601"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0604",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In generateFileInfo of BluetoothOppSendFileInfo.java, there is a possible way to share private files over Bluetooth due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-179910660",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0604"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0640",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "In noteAtomLogged of StatsdStats.cpp, there is a possible out-of-bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-9 Android ID: A-187957589",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0640"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0641",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "summary",
"text": "In getAvailableSubscriptionInfoList of SubscriptionController.java, there is a possible disclosure of unique identifiers due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-185235454",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0641"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0642",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "summary",
"text": "In onResume of VoicemailSettingsFragment.java, there is a possible way to retrieve a trackable identifier without permissions due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-8.1, Android-9 Android ID: A-185126149",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0642"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0646",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "In sqlite3_str_vappendf of sqlite3.c, there is a possible out-of-bounds write due to improper input validation. This could lead to local escalation of privilege if the user can also inject a printf into a privileged process\u0027s SQL with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-153352319",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0646"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0650",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "In WT_InterpolateNoLoop of eas_wtengine.c, there is a possible out-of-bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-9 Android ID: A-190286685",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0650"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0651",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In loadLabel of PackageItemInfo.java, there is a possible way to cause a denial of service in a device by having a long label in an app due to incorrect input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-11, Android-9, Android-10 Android ID: A-67013844",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0651"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0652",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In VectorDrawable::VectorDrawable of VectorDrawable.java, there is a possible way to introduce a memory corruption due to sharing objects that are not thread-safe. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-185178568",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0652"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0653",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "summary",
"text": "In enqueueNotification of NetworkPolicyManagerService.java, there is a possible way to retrieve a trackable identifier due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-9 Android ID: A-177931370",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0653"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0682",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "summary",
"text": "In sendAccessibilityEvent of NotificationManagerService.java, there is a possible disclosure of notification data due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-159624555",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0682"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0683",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In runTraceIpcStop of ActivityManagerShellCommand.java, deletion of system files is possible due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-185398942",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0683"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0684",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In TouchInputMapper::sync of TouchInputMapper.cpp, there is a possible out-of-bounds write due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-8.1, Android-9 Android ID: A-179839665",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0684"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0687",
"cwe": {
"id": "CWE-834",
"name": "Excessive Iteration"
},
"notes": [
{
"category": "summary",
"text": "In ellipsize of Layout.java, there is a possible ANR due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-188913943",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0687"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0688",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In lockNow of PhoneWindowManager.java, there is a possible lock screen bypass due to a race condition. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-8.1, Android-9 Android ID: A-161149543",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0688"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0689",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "In RGB_to_BGR1_portable of SkSwizzler_opts.h, there is a possible out-of-bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-8.1, Android-9 Android ID: A-190188264",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0689"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0690",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "In ih264d_mark_err_slice_skip of ih264d_parse_pslice.c, there is a possible out-of-bounds write due to heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-182152757",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0690"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0692",
"cwe": {
"id": "CWE-732",
"name": "Incorrect Permission Assignment for Critical Resource"
},
"notes": [
{
"category": "summary",
"text": "In sendBroadcastToInstaller of FirstScreenBroadcast.java, there is a possible activity launch due to an unsafe PendingIntent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-9, Android-10 Android ID: A-179289753",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0692"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0695",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In get_sock_stat of xt_qtaguid.c, there is a possible out-of-bounds read due to a use after free. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-184018316References: Upstream kernel",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0695"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0704",
"cwe": {
"id": "CWE-281",
"name": "Improper Preservation of Permissions"
},
"notes": [
{
"category": "summary",
"text": "In createNoCredentialsPermissionNotification and related functions of AccountManagerService.java, there is a possible way to retrieve accounts from the device without permissions due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-9 Android ID: A-179338675",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0704"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0706",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "summary",
"text": "In startListening of PluginManagerImpl.java, there is a possible way to disable arbitrary app components due to a missing permission check. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: Android Versions: Android-10 Android-11Android ID: A-193444889",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0706"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0708",
"cwe": {
"id": "CWE-610",
"name": "Externally Controlled Reference to a Resource in Another Sphere"
},
"notes": [
{
"category": "summary",
"text": "In runDumpHeap of ActivityManagerShellCommand.java, deletion of system files is possible due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-183262161",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0708"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0870",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In RW_SetActivatedTagType of rw_main.cc, memory corruption is possible due to a race condition. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-192472262",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0870"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0919",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "summary",
"text": "In getService of IServiceManager.cpp, there is a possible unhandled exception due to an integer overflow. This could lead to local denial of service making the lockscreen unusable with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-9 Android ID: A-197336441",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0919"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0920",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-196926917References: Upstream kernel",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0920"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0926",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "summary",
"text": "In onCreate of NfcImportVCardActivity.java, there is a possible way to add a contact without user\u0027s consent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-191053931",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0926"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0928",
"cwe": {
"id": "CWE-755",
"name": "Improper Handling of Exceptional Conditions"
},
"notes": [
{
"category": "summary",
"text": "In createFromParcel of OutputConfiguration.java, there is a possible parcel serialization/deserialization mismatch due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-9 Android ID: A-188675581",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0928"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0929",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In ion_dma_buf_end_cpu_access and related functions of ion.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-187527909 References: Upstream kernel",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0929"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0930",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "In phNxpNciHal_process_ext_rsp of phNxpNciHal_ext.cc, there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-181660091",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0930"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0931",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In getAlias of BluetoothDevice.java, there is a possible way to create misleading permission dialogs due to missing data filtering. This could lead to local information disclosure with User execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-180747689",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0931"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0933",
"cwe": {
"id": "CWE-116",
"name": "Improper Encoding or Escaping of Output"
},
"notes": [
{
"category": "summary",
"text": "In onCreate of CompanionDeviceActivity.java or DeviceChooserActivity.java, there is a possible way for HTML tags to interfere with a consent dialog due to improper input validation. This could lead to remote escalation of privilege, confusing the user into accepting pairing of a malicious Bluetooth device, with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-172251622",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0933"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0952",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "In doCropPhoto of PhotoSelectionHandler.java, there is a possible permission bypass due to a confused deputy. This could lead to local information disclosure of user\u0027s contacts with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-195748381",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0952"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0953",
"cwe": {
"id": "CWE-281",
"name": "Improper Preservation of Permissions"
},
"notes": [
{
"category": "summary",
"text": "In setOnClickActivityIntent of SearchWidgetProvider.java, there is a possible way to access contacts and history bookmarks without permission due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-184046278",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0953"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0961",
"cwe": {
"id": "CWE-909",
"name": "Missing Initialization of Resource"
},
"notes": [
{
"category": "summary",
"text": "In quota_proc_write of xt_quota2.c, there is a possible way to read kernel memory due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-196046570References: Upstream kernel",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0961"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0963",
"cwe": {
"id": "CWE-1021",
"name": "Improper Restriction of Rendered UI Layers or Frames"
},
"notes": [
{
"category": "summary",
"text": "In onCreate of KeyChainActivity.java, there is a possible way to use an app certificate stored in keychain due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-199754277",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0963"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0964",
"cwe": {
"id": "CWE-681",
"name": "Incorrect Conversion between Numeric Types"
},
"notes": [
{
"category": "summary",
"text": "In C2SoftMP3::process() of C2SoftMp3Dec.cpp, there is a possible out-of-bounds write due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-193363621",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0964"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0965",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "summary",
"text": "In AndroidManifest.xml of Settings, there is a possible pairing of a Bluetooth device without user\u0027s consent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-194300867",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0965"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0967",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "In vorbis_book_decodev_set of codebook.c, there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-199065614",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0967"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0968",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "summary",
"text": "In osi_malloc and osi_calloc of allocator.cc, there is a possible out-of-bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-197868577",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0968"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-0970",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"notes": [
{
"category": "summary",
"text": "In createFromParcel of GpsNavigationMessage.java, there is a possible Parcel serialization/deserialization mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-196970023",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0970"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-1972",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"notes": [
{
"category": "summary",
"text": "Possible buffer overflow due to improper validation of device types during P2P search in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-1972"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-1976",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "A use after free can occur due to improper validation of P2P device address in PD Request frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-1976"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-29647",
"cwe": {
"id": "CWE-909",
"name": "Missing Initialization of Resource"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in the Linux kernel before 5.11.11. qrtr_recvmsg in net/qrtr/qrtr.c allows attackers to obtain sensitive information from kernel memory because of a partially uninitialized data structure, aka CID-50535249f624.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29647"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-33909",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "summary",
"text": "fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an out-of-bounds write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33909"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-38204",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain situations.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38204"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-39621",
"cwe": {
"id": "CWE-732",
"name": "Incorrect Permission Assignment for Critical Resource"
},
"notes": [
{
"category": "summary",
"text": "In sendLegacyVoicemailNotification of LegacyModeSmsHandler.java, there is a possible permissions bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-185126319",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39621"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-39623",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "In doRead of SimpleDecodingSource.cpp, there is a possible out-of-bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-194105348",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39623"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-39626",
"cwe": {
"id": "CWE-610",
"name": "Externally Controlled Reference to a Resource in Another Sphere"
},
"notes": [
{
"category": "summary",
"text": "In onAttach of ConnectedDeviceDashboardFragment.java, there is a possible permission bypass due to a confused deputy. This could lead to local escalation of privilege in Bluetooth settings with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-194695497",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39626"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-39627",
"cwe": {
"id": "CWE-732",
"name": "Incorrect Permission Assignment for Critical Resource"
},
"notes": [
{
"category": "summary",
"text": "In sendLegacyVoicemailNotification of LegacyModeSmsHandler.java, there is a possible permissions bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-185126549",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39627"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-39629",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In phTmlNfc_Init and phTmlNfc_CleanUp of phTmlNfc.cc, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-197353344",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39629"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-39633",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "summary",
"text": "In gre_handle_offloads of ip_gre.c, there is a possible page fault due to an invalid memory access. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-150694665 References: Upstream kernel",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39633"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2021-39634",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In fs/eventpoll.c, there is a possible use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-204450605References: Upstream kernel",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39634"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2022-20127",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "summary",
"text": "In ce_t4t_data_cback of ce_t4t.cc, there is a possible out-of-bounds write due to a double free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L Android ID: A-221862119",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20127"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2022-20130",
"cwe": {
"id": "CWE-754",
"name": "Improper Check for Unusual or Exceptional Conditions"
},
"notes": [
{
"category": "summary",
"text": "In transportDec_OutOfBandConfig of tpdec_lib.cpp, there is a possible out-of-bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L Android ID: A-224314979",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20130"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2022-20227",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "In USB driver, there is a possible out-of-bounds read due to a heap buffer overflow. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-216825460 References: Upstream kernel",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20227"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2022-20229",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "In bta_hf_client_handle_cind_list_item of bta_hf_client_at.cc, there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L Android ID: A-224536184",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20229"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2022-20355",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In get of PacProxyService.java, there is a possible system service crash due to improper input validation. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L Android ID: A-219498290",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20355"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2022-20411",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "In avdt_msg_asmbl of avdt_msg.cc, there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L, Android-13 Android ID: A-232023771",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20411"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2022-20421",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-239630375 References: Upstream kernel",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20421"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2022-20422",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In emulation_proc_handler of armv8_deprecated.c, there is a possible way to corrupt memory due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-237540956 References: Upstream kernel",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20422"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2022-20423",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "summary",
"text": "In rndis_set_response of rndis.c, there is a possible out-of-bounds write due to an integer overflow. This could lead to local escalation of privilege if a malicious USB device is attached with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-239842288 References: Upstream kernel",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20423"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2022-20462",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "In phNxpNciHal_write_unlocked of phNxpNciHal.cc, there is a possible out-of-bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L, Android-13 Android ID: A-230356196",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20462"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2022-20466",
"cwe": {
"id": "CWE-1188",
"name": "Initialization of a Resource with an Insecure Default"
},
"notes": [
{
"category": "summary",
"text": "In applyKeyguardFlags of NotificationShadeWindowControllerImpl.java, there is a possible way to observe the user\u0027s password on a secondary display due to an insecure default value. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L, Android-13 Android ID: A-179725730",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20466"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2022-20468",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "In BNEP_ConnectResp of bnep_api.cc, there is a possible out-of-bounds read due to an incorrect bounds check. This could lead to local information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L, Android-13 Android ID: A-228450451",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20468"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2022-20469",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "In avct_lcb_msg_asmbl of avct_lcb_act.cc, there is a possible out-of-bounds write due to a missing bounds check. This could lead to local escalation of privilege over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L, Android-13 Android ID: A-230867224",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20469"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2022-20472",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "In toLanguageTag of LocaleListCache.cpp, there is a possible out-of-bounds read due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L, Android-13 Android ID: A-239210579",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20472"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2022-20473",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "In toLanguageTag of LocaleListCache.cpp, there is a possible out-of-bounds read due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L, Android-13 Android ID: A-239267173",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20473"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2022-20476",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In setEnabledSetting of PackageManager.java, there is a possible way to get the device into an infinite reboot loop due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L Android ID: A-240936919",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20476"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2022-20483",
"cwe": {
"id": "CWE-191",
"name": "Integer Underflow (Wrap or Wraparound)"
},
"notes": [
{
"category": "summary",
"text": "In several functions that parse avrc response in avrc_pars_ct.cc and related files, there are possible out-of-bounds reads due to integer overflows. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L, Android-13 Android ID: A-242459126",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20483"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2022-20498",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "In fdt_path_offset_namelen of fdt_ro.c, there is a possible out-of-bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L, Android-13 Android ID: A-246465319",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20498"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2022-20500",
"cwe": {
"id": "CWE-755",
"name": "Improper Handling of Exceptional Conditions"
},
"notes": [
{
"category": "summary",
"text": "In loadFromXml of ShortcutPackage.java, there is a possible crash on boot due to an uncaught exception. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L, Android-13 Android ID: A-246540168",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20500"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/cert/operational-guidelines-industrial-security"
},
{
"category": "mitigation",
"details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.siemens.com/industrialsecurity"
},
{
"category": "mitigation",
"details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
}
]
}
MSRC_CVE-2020-25705
Vulnerability from csaf_microsoft - Published: 2020-11-02 00:00 - Updated: 2020-12-03 00:00Summary
A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well on the Linux Based Products (RUGGEDCOM RM1224: All versions between v5.0 and v6.4 SCALANCE M-800: All versions between v5.0 and v6.4 SCALANCE S615: All versions between v5.0 and v6.4 SCALANCE SC-600: All versions prior to v2.1.3 SCALANCE W1750D: v8.3.0.1 v8.6.0 and v8.7.0 SIMATIC Cloud Connect 7: All versions SIMATIC MV500 Family: All versions SIMATIC NET CP 1243-1 (incl. SIPLUS variants): Versions 3.1.39 and later SIMATIC NET CP 1243-7 LTE EU: Version
Notes
Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
References
4 references
| URL | Category |
|---|---|
| https://msrc.microsoft.com/csaf/vex/2020/msrc_cve… | self |
| https://support.microsoft.com/lifecycle | external |
| https://www.first.org/cvss | external |
| https://msrc.microsoft.com/csaf/vex/2020/msrc_cve… | self |
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2020-25705 A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well on the Linux Based Products (RUGGEDCOM RM1224: All versions between v5.0 and v6.4 SCALANCE M-800: All versions between v5.0 and v6.4 SCALANCE S615: All versions between v5.0 and v6.4 SCALANCE SC-600: All versions prior to v2.1.3 SCALANCE W1750D: v8.3.0.1 v8.6.0 and v8.7.0 SIMATIC Cloud Connect 7: All versions SIMATIC MV500 Family: All versions SIMATIC NET CP 1243-1 (incl. SIPLUS variants): Versions 3.1.39 and later SIMATIC NET CP 1243-7 LTE EU: Version - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2020/msrc_cve-2020-25705.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well on the Linux Based Products (RUGGEDCOM RM1224: All versions between v5.0 and v6.4 SCALANCE M-800: All versions between v5.0 and v6.4 SCALANCE S615: All versions between v5.0 and v6.4 SCALANCE SC-600: All versions prior to v2.1.3 SCALANCE W1750D: v8.3.0.1 v8.6.0 and v8.7.0 SIMATIC Cloud Connect 7: All versions SIMATIC MV500 Family: All versions SIMATIC NET CP 1243-1 (incl. SIPLUS variants): Versions 3.1.39 and later SIMATIC NET CP 1243-7 LTE EU: Version",
"tracking": {
"current_release_date": "2020-12-03T00:00:00.000Z",
"generator": {
"date": "2025-12-27T20:59:49.660Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2020-25705",
"initial_release_date": "2020-11-02T00:00:00.000Z",
"revision_history": [
{
"date": "2020-12-03T00:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "1.0",
"product": {
"name": "CBL Mariner 1.0",
"product_id": "16820"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003ccm1 kernel 5.4.91-1",
"product": {
"name": "\u003ccm1 kernel 5.4.91-1",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "cm1 kernel 5.4.91-1",
"product": {
"name": "cm1 kernel 5.4.91-1",
"product_id": "19137"
}
}
],
"category": "product_name",
"name": "kernel"
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccm1 kernel 5.4.91-1 as a component of CBL Mariner 1.0",
"product_id": "16820-1"
},
"product_reference": "1",
"relates_to_product_reference": "16820"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cm1 kernel 5.4.91-1 as a component of CBL Mariner 1.0",
"product_id": "19137-16820"
},
"product_reference": "19137",
"relates_to_product_reference": "16820"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-25705",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"notes": [
{
"category": "general",
"text": "redhat",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"19137-16820"
],
"known_affected": [
"16820-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2020-25705 A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well on the Linux Based Products (RUGGEDCOM RM1224: All versions between v5.0 and v6.4 SCALANCE M-800: All versions between v5.0 and v6.4 SCALANCE S615: All versions between v5.0 and v6.4 SCALANCE SC-600: All versions prior to v2.1.3 SCALANCE W1750D: v8.3.0.1 v8.6.0 and v8.7.0 SIMATIC Cloud Connect 7: All versions SIMATIC MV500 Family: All versions SIMATIC NET CP 1243-1 (incl. SIPLUS variants): Versions 3.1.39 and later SIMATIC NET CP 1243-7 LTE EU: Version - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2020/msrc_cve-2020-25705.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-03T00:00:00.000Z",
"details": "5.4.91-1:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"16820-1"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalsScore": 0.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.4,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"16820-1"
]
}
],
"title": "A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well on the Linux Based Products (RUGGEDCOM RM1224: All versions between v5.0 and v6.4 SCALANCE M-800: All versions between v5.0 and v6.4 SCALANCE S615: All versions between v5.0 and v6.4 SCALANCE SC-600: All versions prior to v2.1.3 SCALANCE W1750D: v8.3.0.1 v8.6.0 and v8.7.0 SIMATIC Cloud Connect 7: All versions SIMATIC MV500 Family: All versions SIMATIC NET CP 1243-1 (incl. SIPLUS variants): Versions 3.1.39 and later SIMATIC NET CP 1243-7 LTE EU: Version"
}
]
}
OPENSUSE-SU-2020:1906-1
Vulnerability from csaf_opensuse - Published: 2020-11-14 08:15 - Updated: 2020-11-14 08:15Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch:
The openSUSE Leap 15.2 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2020-25704: Fixed a memory leak in perf_event_parse_addr_filter() (bsc#1178393).
- CVE-2020-25668: Make FONTX ioctl use the tty pointer they were actually passed (bsc#1178123).
- CVE-2020-25656: Extend func_buf_lock to readers (bnc#1177766).
- CVE-2020-25285: Fixed a race condition between hugetlb sysctl handlers in mm/hugetlb.c in the Linux kernel could be used by local attackers to corrupt memory, cause a NULL pointer dereference, or possibly have unspecified other impact, aka CID-17743798d812 (bnc#1176485).
- CVE-2020-14351: Fixed race in the perf_mmap_close() function (bsc#1177086).
- CVE-2020-8694: Restrict energy meter to root access (bsc#1170415).
- CVE-2020-16120: Check permission to open real file in overlayfs (bsc#1177470).
- CVE-2020-25705: A ICMP global rate limiting side-channel was removed which could lead to e.g. the SADDNS attack (bsc#1175721)
The following non-security bugs were fixed:
- ACPI: Always build evged in (git-fixes).
- ACPI: button: fix handling lid state changes when input device closed (git-fixes).
- ACPI: configfs: Add missing config_item_put() to fix refcount leak (git-fixes).
- acpi-cpufreq: Honor _PSD table setting on new AMD CPUs (git-fixes).
- ACPI: debug: do not allow debugging when ACPI is disabled (git-fixes).
- ACPI / extlog: Check for RDMSR failure (git-fixes).
- ACPI: video: use ACPI backlight for HP 635 Notebook (git-fixes).
- act_ife: load meta modules before tcf_idr_check_alloc() (networking-stable-20_09_24).
- Add CONFIG_CHECK_CODESIGN_EKU
- ALSA: ac97: (cosmetic) align argument names (git-fixes).
- ALSA: aoa: i2sbus: use DECLARE_COMPLETION_ONSTACK() macro (git-fixes).
- ALSA: asihpi: fix spellint typo in comments (git-fixes).
- ALSA: atmel: ac97: clarify operator precedence (git-fixes).
- ALSA: bebob: potential info leak in hwdep_read() (git-fixes).
- ALSA: compress_offload: remove redundant initialization (git-fixes).
- ALSA: core: init: use DECLARE_COMPLETION_ONSTACK() macro (git-fixes).
- ALSA: core: pcm: simplify locking for timers (git-fixes).
- ALSA: core: timer: clarify operator precedence (git-fixes).
- ALSA: core: timer: remove redundant assignment (git-fixes).
- ALSA: ctl: Workaround for lockdep warning wrt card->ctl_files_rwlock (git-fixes).
- ALSA: fireworks: use semicolons rather than commas to separate statements (git-fixes).
- ALSA: fix kernel-doc markups (git-fixes).
- ALSA: hda: auto_parser: remove shadowed variable declaration (git-fixes).
- ALSA: hda: (cosmetic) align function parameters (git-fixes).
- ALSA: hda - Do not register a cb func if it is registered already (git-fixes).
- ALSA: hda - Fix the return value if cb func is already registered (git-fixes).
- ALSA: hda/hdmi: fix incorrect locking in hdmi_pcm_close (git-fixes).
- ALSA: hda: prevent undefined shift in snd_hdac_ext_bus_get_link() (git-fixes).
- ALSA: hda/realtek - Add mute Led support for HP Elitebook 845 G7 (git-fixes).
- ALSA: hda/realtek: Enable audio jacks of ASUS D700SA with ALC887 (git-fixes).
- ALSA: hda/realtek - Enable headphone for ASUS TM420 (git-fixes).
- ALSA: hda/realtek - Fixed HP headset Mic can't be detected (git-fixes).
- ALSA: hda/realtek - set mic to auto detect on a HP AIO machine (git-fixes).
- ALSA: hda/realtek - The front Mic on a HP machine does not work (git-fixes).
- ALSA: hda: use semicolons rather than commas to separate statements (git-fixes).
- ALSA: hdspm: Fix typo arbitary (git-fixes).
- ALSA: mixart: Correct comment wrt obsoleted tasklet usage (git-fixes).
- ALSA: portman2x4: fix repeated word 'if' (git-fixes).
- ALSA: rawmidi: (cosmetic) align function parameters (git-fixes).
- ALSA: seq: oss: Avoid mutex lock for a long-time ioctl (git-fixes).
- ALSA: sparc: dbri: fix repeated word 'the' (git-fixes).
- ALSA: usb-audio: Add implicit feedback quirk for MODX (git-fixes).
- ALSA: usb-audio: Add implicit feedback quirk for Qu-16 (git-fixes).
- ALSA: usb-audio: Add implicit feedback quirk for Zoom UAC-2 (git-fixes).
- ALSA: usb-audio: Add mixer support for Pioneer DJ DJM-250MK2 (git-fixes).
- ALSA: usb-audio: add usb vendor id as DSD-capable for Khadas devices (git-fixes).
- ALSA: usb-audio: endpoint.c: fix repeated word 'there' (git-fixes).
- ALSA: usb-audio: fix spelling mistake 'Frequence' -> 'Frequency' (git-fixes).
- ALSA: usb-audio: Line6 Pod Go interface requires static clock rate quirk (git-fixes).
- ALSA: usb: scarless_gen2: fix endianness issue (git-fixes).
- ALSA: vx: vx_core: clarify operator precedence (git-fixes).
- ALSA: vx: vx_pcm: remove redundant assignment (git-fixes).
- ASoC: codecs: wcd9335: Set digital gain range correctly (git-fixes).
- ASoC: cs42l51: manage mclk shutdown delay (git-fixes).
- ASoC: fsl: imx-es8328: add missing put_device() call in imx_es8328_probe() (git-fixes).
- ASoC: fsl_sai: Instantiate snd_soc_dai_driver (git-fixes).
- ASoC: Intel: kbl_rt5663_max98927: Fix kabylake_ssp_fixup function (git-fixes).
- ASoC: qcom: lpass-cpu: fix concurrency issue (git-fixes).
- ASoC: qcom: lpass-platform: fix memory leak (git-fixes).
- ASoC: qcom: sdm845: set driver name correctly (git-fixes).
- ASoC: sun50i-codec-analog: Fix duplicate use of ADC enable bits (git-fixes).
- ASoC: tlv320aic32x4: Fix bdiv clock rate derivation (git-fixes).
- ata: sata_rcar: Fix DMA boundary mask (git-fixes).
- ath10k: check idx validity in __ath10k_htt_rx_ring_fill_n() (git-fixes).
- ath10k: Fix the size used in a 'dma_free_coherent()' call in an error handling path (git-fixes).
- ath10k: fix VHT NSS calculation when STBC is enabled (git-fixes).
- ath10k: provide survey info as accumulated data (git-fixes).
- ath10k: start recovery process when payload length exceeds max htc length for sdio (git-fixes).
- ath6kl: prevent potential array overflow in ath6kl_add_new_sta() (git-fixes).
- ath6kl: wmi: prevent a shift wrapping bug in ath6kl_wmi_delete_pstream_cmd() (git-fixes).
- ath9k: Fix potential out of bounds in ath9k_htc_txcompletion_cb() (git-fixes).
- ath9k: hif_usb: fix race condition between usb_get_urb() and usb_kill_anchored_urbs() (git-fixes).
- ath9k_htc: Use appropriate rs_datalen type (git-fixes).
- backlight: sky81452-backlight: Fix refcount imbalance on error (git-fixes).
- blk-mq: order adding requests to hctx->dispatch and checking SCHED_RESTART (bsc#1177750).
- block: ensure bdi->io_pages is always initialized (bsc#1177749).
- block: Fix page_is_mergeable() for compound pages (bsc#1177814).
- block: Set same_page to false in __bio_try_merge_page if ret is false (git-fixes).
- Bluetooth: btusb: Fix memleak in btusb_mtk_submit_wmt_recv_urb (git-fixes).
- Bluetooth: hci_uart: Cancel init work before unregistering (git-fixes).
- Bluetooth: MGMT: Fix not checking if BT_HS is enabled (git-fixes).
- Bluetooth: Only mark socket zapped after unlocking (git-fixes).
- bnxt_en: Protect bnxt_set_eee() and bnxt_set_pauseparam() with mutex (git-fixes).
- bonding: show saner speed for broadcast mode (networking-stable-20_08_24).
- brcm80211: fix possible memleak in brcmf_proto_msgbuf_attach (git-fixes).
- brcmfmac: check ndev pointer (git-fixes).
- brcmsmac: fix memory leak in wlc_phy_attach_lcnphy (git-fixes).
- btrfs: Account for merged patches upstream Move below patches to sorted section.
- btrfs: add owner and fs_info to alloc_state io_tree (bsc#1177854).
- btrfs: allocate scrub workqueues outside of locks (bsc#1178183).
- btrfs: cleanup cow block on error (bsc#1178584).
- btrfs: do not force read-only after error in drop snapshot (bsc#1176354).
- btrfs: drop path before adding new uuid tree entry (bsc#1178176).
- btrfs: fix filesystem corruption after a device replace (bsc#1178395).
- btrfs: fix NULL pointer dereference after failure to create snapshot (bsc#1178190).
- btrfs: fix overflow when copying corrupt csums for a message (bsc#1178191).
- btrfs: fix space cache memory leak after transaction abort (bsc#1178173).
- btrfs: move btrfs_rm_dev_replace_free_srcdev outside of all locks (bsc#1178395).
- btrfs: move btrfs_scratch_superblocks into btrfs_dev_replace_finishing (bsc#1178395).
- btrfs: qgroup: fix qgroup meta rsv leak for subvolume operations (bsc#1177856).
- btrfs: qgroup: fix wrong qgroup metadata reserve for delayed inode (bsc#1177855).
- btrfs: reschedule if necessary when logging directory items (bsc#1178585).
- btrfs: send, orphanize first all conflicting inodes when processing references (bsc#1178579).
- btrfs: send, recompute reference path after orphanization of a directory (bsc#1178581).
- btrfs: set the correct lockdep class for new nodes (bsc#1178184).
- btrfs: set the lockdep class for log tree extent buffers (bsc#1178186).
- btrfs: tree-checker: fix false alert caused by legacy btrfs root item (bsc#1177861).
- can: can_create_echo_skb(): fix echo skb generation: always use skb_clone() (git-fixes).
- can: c_can: reg_map_{c,d}_can: mark as __maybe_unused (git-fixes).
- can: dev: __can_get_echo_skb(): fix real payload length return value for RTR frames (git-fixes).
- can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ context (git-fixes).
- can: flexcan: flexcan_chip_stop(): add error handling and propagate error value (git-fixes).
- can: flexcan: flexcan_remove(): disable wakeup completely (git-fixes).
- can: flexcan: remove ack_grp and ack_bit handling from driver (git-fixes).
- can: flexcan: remove FLEXCAN_QUIRK_DISABLE_MECR quirk for LS1021A (git-fixes).
- can: peak_canfd: pucan_handle_can_rx(): fix echo management when loopback is on (git-fixes).
- can: peak_usb: add range checking in decode operations (git-fixes).
- can: peak_usb: peak_usb_get_ts_time(): fix timestamp wrapping (git-fixes).
- can: rx-offload: do not call kfree_skb() from IRQ context (git-fixes).
- can: softing: softing_card_shutdown(): add braces around empty body in an 'if' statement (git-fixes).
- ceph: promote to unsigned long long before shifting (bsc#1178175).
- clk: at91: clk-main: update key before writing AT91_CKGR_MOR (git-fixes).
- clk: at91: remove the checking of parent_name (git-fixes).
- clk: bcm2835: add missing release if devm_clk_hw_register fails (git-fixes).
- clk: imx8mq: Fix usdhc parents order (git-fixes).
- clk: keystone: sci-clk: fix parsing assigned-clock data during probe (git-fixes).
- clk: meson: g12a: mark fclk_div2 as critical (git-fixes).
- clk: qcom: gcc-sdm660: Fix wrong parent_map (git-fixes).
- crypto: ccp - fix error handling (git-fixes).
- cxgb4: fix memory leak during module unload (networking-stable-20_09_24).
- cxgb4: Fix offset when clearing filter byte counters (networking-stable-20_09_24).
- cxl: Rework error message for incompatible slots (bsc#1055014 git-fixes).
- dax: Fix compilation for CONFIG_DAX && !CONFIG_FS_DAX (bsc#1177817).
- Disable module compression on SLE15 SP2 (bsc#1178307)
- dma-direct: add missing set_memory_decrypted() for coherent mapping (bsc#1175898, ECO-2743).
- dma-direct: always align allocation size in dma_direct_alloc_pages() (bsc#1175898, ECO-2743).
- dma-direct: atomic allocations must come from atomic coherent pools (bsc#1175898, ECO-2743).
- dma-direct: check return value when encrypting or decrypting memory (bsc#1175898, ECO-2743).
- dma-direct: consolidate the error handling in dma_direct_alloc_pages (bsc#1175898, ECO-2743).
- dma-direct: make uncached_kernel_address more general (bsc#1175898, ECO-2743).
- dma-direct: provide function to check physical memory area validity (bsc#1175898, ECO-2743).
- dma-direct: provide mmap and get_sgtable method overrides (bsc#1175898, ECO-2743).
- dma-direct: re-encrypt memory if dma_direct_alloc_pages() fails (bsc#1175898, ECO-2743).
- dma-direct: remove __dma_direct_free_pages (bsc#1175898, ECO-2743).
- dma-direct: remove the dma_handle argument to __dma_direct_alloc_pages (bsc#1175898, ECO-2743).
- dmaengine: dma-jz4780: Fix race in jz4780_dma_tx_status (git-fixes).
- dmaengine: dmatest: Check list for emptiness before access its last entry (git-fixes).
- dmaengine: dw: Activate FIFO-mode for memory peripherals only (git-fixes).
- dma-mapping: add a dma_can_mmap helper (bsc#1175898, ECO-2743).
- dma-mapping: always use VM_DMA_COHERENT for generic DMA remap (bsc#1175898, ECO-2743).
- dma-mapping: DMA_COHERENT_POOL should select GENERIC_ALLOCATOR (bsc#1175898, ECO-2743).
- dma-mapping: make dma_atomic_pool_init self-contained (bsc#1175898, ECO-2743).
- dma-mapping: merge the generic remapping helpers into dma-direct (bsc#1175898, ECO-2743).
- dma-mapping: remove arch_dma_mmap_pgprot (bsc#1175898, ECO-2743).
- dma-mapping: warn when coherent pool is depleted (bsc#1175898, ECO-2743).
- dma-pool: add additional coherent pools to map to gfp mask (bsc#1175898, ECO-2743).
- dma-pool: add pool sizes to debugfs (bsc#1175898, ECO-2743).
- dma-pool: decouple DMA_REMAP from DMA_COHERENT_POOL (bsc#1175898, ECO-2743).
- dma-pool: do not allocate pool memory from CMA (bsc#1175898, ECO-2743).
- dma-pool: dynamically expanding atomic pools (bsc#1175898, ECO-2743).
- dma-pool: Fix an uninitialized variable bug in atomic_pool_expand() (bsc#1175898, ECO-2743).
- dma-pool: fix coherent pool allocations for IOMMU mappings (bsc#1175898, ECO-2743).
- dma-pool: fix too large DMA pools on medium memory size systems (bsc#1175898, ECO-2743).
- dma-pool: get rid of dma_in_atomic_pool() (bsc#1175898, ECO-2743).
- dma-pool: introduce dma_guess_pool() (bsc#1175898, ECO-2743).
- dma-pool: make sure atomic pool suits device (bsc#1175898, ECO-2743).
- dma-pool: Only allocate from CMA when in same memory zone (bsc#1175898, ECO-2743).
- dma-pool: scale the default DMA coherent pool size with memory capacity (bsc#1175898, ECO-2743).
- dma-remap: separate DMA atomic pools from direct remap code (bsc#1175898, ECO-2743).
- dm: Call proper helper to determine dax support (bsc#1177817).
- dm/dax: Fix table reference counts (bsc#1178246).
- docs: driver-api: remove a duplicated index entry (git-fixes).
- drivers: watchdog: rdc321x_wdt: Fix race condition bugs (git-fixes).
- EDAC/i5100: Fix error handling order in i5100_init_one() (bsc#1152489).
- eeprom: at25: set minimum read/write access stride to 1 (git-fixes).
- exfat: fix name_hash computation on big endian systems (git-fixes).
- exfat: fix overflow issue in exfat_cluster_to_sector() (git-fixes).
- exfat: fix possible memory leak in exfat_find() (git-fixes).
- exfat: fix use of uninitialized spinlock on error path (git-fixes).
- exfat: fix wrong hint_stat initialization in exfat_find_dir_entry() (git-fixes).
- exfat: fix wrong size update of stream entry by typo (git-fixes).
- extcon: ptn5150: Fix usage of atomic GPIO with sleeping GPIO chips (git-fixes).
- futex: Adjust absolute futex timeouts with per time namespace offset (bsc#1164648).
- futex: Consistently use fshared as boolean (bsc#1149032).
- futex: Fix incorrect should_fail_futex() handling (bsc#1149032).
- futex: Remove put_futex_key() (bsc#1149032).
- futex: Remove unused or redundant includes (bsc#1149032).
- gre6: Fix reception with IP6_TNL_F_RCV_DSCP_COPY (networking-stable-20_08_24).
- gtp: add GTPA_LINK info to msg sent to userspace (networking-stable-20_09_11).
- HID: hid-input: fix stylus battery reporting (git-fixes).
- HID: ite: Add USB id match for Acer One S1003 keyboard dock (git-fixes).
- HID: roccat: add bounds checking in kone_sysfs_write_settings() (git-fixes).
- HID: wacom: Avoid entering wacom_wac_pen_report for pad / battery (git-fixes).
- hyperv_fb: Update screen_info after removing old framebuffer (bsc#1175306).
- i2c: core: Restore acpi_walk_dep_device_list() getting called after registering the ACPI i2c devs (git-fixes).
- i2c: imx: Fix external abort on interrupt in exit paths (git-fixes).
- i2c: rcar: Auto select RESET_CONTROLLER (git-fixes).
- i3c: master add i3c_master_attach_boardinfo to preserve boardinfo (git-fixes).
- i3c: master: Fix error return in cdns_i3c_master_probe() (git-fixes).
- ibmveth: Identify ingress large send packets (bsc#1178185 ltc#188897).
- ibmveth: Switch order of ibmveth_helper calls (bsc#1061843 git-fixes).
- ibmvnic: fix ibmvnic_set_mac (bsc#1066382 ltc#160943 git-fixes).
- ibmvnic: save changed mac address to adapter->mac_addr (bsc#1134760 ltc#177449 git-fixes).
- ibmvnic: set up 200GBPS speed (bsc#1129923 git-fixes).
- icmp: randomize the global rate limiter (git-fixes).
- ida: Free allocated bitmap in error path (git-fixes).
- iio:accel:bma180: Fix use of true when should be iio_shared_by enum (git-fixes).
- iio: adc: gyroadc: fix leak of device node iterator (git-fixes).
- iio: adc: stm32-adc: fix runtime autosuspend delay when slow polling (git-fixes).
- iio:adc:ti-adc0832 Fix alignment issue with timestamp (git-fixes).
- iio:adc:ti-adc12138 Fix alignment issue with timestamp (git-fixes).
- iio:dac:ad5592r: Fix use of true for IIO_SHARED_BY_TYPE (git-fixes).
- iio:gyro:itg3200: Fix timestamp alignment and prevent data leak (git-fixes).
- iio:light:si1145: Fix timestamp alignment and prevent data leak (git-fixes).
- iio:magn:hmc5843: Fix passing true where iio_shared_by enum required (git-fixes).
- ima: Do not ignore errors from crypto_shash_update() (git-fixes).
- ima: Remove semicolon at the end of ima_get_binary_runtime_size() (git-fixes).
- Input: ati_remote2 - add missing newlines when printing module parameters (git-fixes).
- Input: ep93xx_keypad - fix handling of platform_get_irq() error (git-fixes).
- Input: imx6ul_tsc - clean up some errors in imx6ul_tsc_resume() (git-fixes).
- Input: omap4-keypad - fix handling of platform_get_irq() error (git-fixes).
- Input: stmfts - fix a & vs && typo (git-fixes).
- Input: sun4i-ps2 - fix handling of platform_get_irq() error (git-fixes).
- Input: twl4030_keypad - fix handling of platform_get_irq() error (git-fixes).
- iomap: Make sure iomap_end is called after iomap_begin (bsc#1177754).
- iommu/vt-d: Gracefully handle DMAR units with no supported address widths (bsc#1177739).
- ip: fix tos reflection in ack and reset packets (networking-stable-20_09_24).
- ipmi_si: Fix wrong return value in try_smi_init() (git-fixes).
- ipv4: Initialize flowi4_multipath_hash in data path (networking-stable-20_09_24).
- ipv4: Restore flowi4_oif update before call to xfrm_lookup_route (git-fixes).
- ipv4: Update exception handling for multipath routes via same device (networking-stable-20_09_24).
- ipv6: avoid lockdep issue in fib6_del() (networking-stable-20_09_24).
- ipv6: Fix sysctl max for fib_multipath_hash_policy (networking-stable-20_09_11).
- ipvlan: fix device features (networking-stable-20_08_24).
- iwlwifi: mvm: split a print to avoid a WARNING in ROC (git-fixes).
- kABI: Fix kABI after add CodeSigning extended key usage (bsc#1177353).
- kallsyms: Refactor kallsyms_show_value() to take cred (git-fixes).
- kbuild: enforce -Werror=return-type (bsc#1177281).
- KVM: x86/mmu: Commit zap of remaining invalid pages when recovering lpages (git-fixes).
- leds: bcm6328, bcm6358: use devres LED registering function (git-fixes).
- leds: mt6323: move period calculation (git-fixes).
- libceph: clear con->out_msg on Policy::stateful_server faults (bsc#1178177).
- lib/crc32.c: fix trivial typo in preprocessor condition (git-fixes).
- mac80211: handle lack of sband->bitrates in rates (git-fixes).
- mailbox: avoid timer start from callback (git-fixes).
- media: ati_remote: sanity check for both endpoints (git-fixes).
- media: bdisp: Fix runtime PM imbalance on error (git-fixes).
- media: exynos4-is: Fix a reference count leak due to pm_runtime_get_sync (git-fixes).
- media: exynos4-is: Fix a reference count leak (git-fixes).
- media: exynos4-is: Fix several reference count leaks due to pm_runtime_get_sync (git-fixes).
- media: firewire: fix memory leak (git-fixes).
- media: i2c: ov5640: Enable data pins on poweron for DVP mode (git-fixes).
- media: i2c: ov5640: Remain in power down for DVP mode unless streaming (git-fixes).
- media: i2c: ov5640: Separate out mipi configuration from s_power (git-fixes).
- media: imx274: fix frame interval handling (git-fixes).
- media: media/pci: prevent memory leak in bttv_probe (git-fixes).
- media: platform: Improve queue set up flow for bug fixing (git-fixes).
- media: platform: s3c-camif: Fix runtime PM imbalance on error (git-fixes).
- media: platform: sti: hva: Fix runtime PM imbalance on error (git-fixes).
- media: rcar_drif: Allocate v4l2_async_subdev dynamically (git-fixes).
- media: rcar_drif: Fix fwnode reference leak when parsing DT (git-fixes).
- media: saa7134: avoid a shift overflow (git-fixes).
- media: st-delta: Fix reference count leak in delta_run_work (git-fixes).
- media: sti: Fix reference count leaks (git-fixes).
- media: tw5864: check status of tw5864_frameinterval_get (git-fixes).
- media: uvcvideo: Ensure all probed info is returned to v4l2 (git-fixes).
- media: uvcvideo: Fix dereference of out-of-bound list iterator (git-fixes).
- media: uvcvideo: Fix uvc_ctrl_fixup_xu_info() not having any effect (git-fixes).
- media: venus: core: Fix runtime PM imbalance in venus_probe (git-fixes).
- media: vsp1: Fix runtime PM imbalance on error (git-fixes).
- memory: fsl-corenet-cf: Fix handling of platform_get_irq() error (git-fixes).
- memory: omap-gpmc: Fix a couple off by ones (git-fixes).
- memory: omap-gpmc: Fix build error without CONFIG_OF (git-fixes).
- mfd: sm501: Fix leaks in probe() (git-fixes).
- mic: vop: copy data to kernel space then write to io memory (git-fixes).
- misc: mic: scif: Fix error handling path (git-fixes).
- misc: rtsx: Fix memory leak in rtsx_pci_probe (git-fixes).
- misc: vop: add round_up(x,4) for vring_size to avoid kernel panic (git-fixes).
- mmc: sdio: Check for CISTPL_VERS_1 buffer size (git-fixes).
- mm: do not panic when links can't be created in sysfs (bsc#1178002).
- mm: do not rely on system state to detect hot-plug operations (bsc#1178002).
- mm: fix a race during THP splitting (bsc#1178255).
- mm/huge_memory.c: use head to check huge zero page (git-fixes (mm/thp)).
- mm: madvise: fix vma user-after-free (git-fixes).
- mm/mempolicy.c: fix out of bounds write in mpol_parse_str() (git-fixes (mm/mempolicy)).
- mm/page-writeback.c: avoid potential division by zero in wb_min_max_ratio() (git-fixes (mm/writeback)).
- mm/page-writeback.c: improve arithmetic divisions (git-fixes (mm/writeback)).
- mm: replace memmap_context by meminit_context (bsc#1178002).
- mm/rmap: fixup copying of soft dirty and uffd ptes (git-fixes (mm/rmap)).
- mm/swapfile.c: fix potential memory leak in sys_swapon (git-fixes).
- mm/zsmalloc.c: fix the migrated zspage statistics (git-fixes (mm/zsmalloc)).
- module: Correctly truncate sysfs sections output (git-fixes).
- module: Do not expose section addresses to non-CAP_SYSLOG (git-fixes).
- module: Refactor section attr into bin attribute (git-fixes).
- module: statically initialize init section freeing data (git-fixes).
- Move upstreamed BT patch into sorted section
- mtd: lpddr: Fix bad logic in print_drs_error (git-fixes).
- mtd: lpddr: fix excessive stack usage with clang (git-fixes).
- mtd: mtdoops: Do not write panic data twice (git-fixes).
- mtd: rawnand: stm32_fmc2: fix a buffer overflow (git-fixes).
- mtd: rawnand: vf610: disable clk on error handling path in probe (git-fixes).
- mtd: spinand: gigadevice: Add QE Bit (git-fixes).
- mtd: spinand: gigadevice: Only one dummy byte in QUADIO (git-fixes).
- mwifiex: do not call del_timer_sync() on uninitialized timer (git-fixes).
- mwifiex: Do not use GFP_KERNEL in atomic context (git-fixes).
- mwifiex: fix double free (git-fixes).
- mwifiex: remove function pointer check (git-fixes).
- mwifiex: Remove unnecessary braces from HostCmd_SET_SEQ_NO_BSS_INFO (git-fixes).
- net: bridge: br_vlan_get_pvid_rcu() should dereference the VLAN group under RCU (networking-stable-20_09_24).
- net/core: check length before updating Ethertype in skb_mpls_{push,pop} (git-fixes).
- net: DCB: Validate DCB_ATTR_DCB_BUFFER argument (networking-stable-20_09_24).
- net: disable netpoll on fresh napis (networking-stable-20_09_11).
- net: dsa: b53: check for timeout (networking-stable-20_08_24).
- net: dsa: rtl8366: Properly clear member config (networking-stable-20_09_24).
- net: fec: correct the error path for regulator disable in probe (networking-stable-20_08_24).
- net: Fix bridge enslavement failure (networking-stable-20_09_24).
- net: Fix potential wrong skb->protocol in skb_vlan_untag() (networking-stable-20_08_24).
- net: hns: Fix memleak in hns_nic_dev_probe (networking-stable-20_09_11).
- net: ipv6: fix kconfig dependency warning for IPV6_SEG6_HMAC (networking-stable-20_09_24).
- netlabel: fix problems with mapping removal (networking-stable-20_09_11).
- net: lantiq: Disable IRQs only if NAPI gets scheduled (networking-stable-20_09_24).
- net: lantiq: Use napi_complete_done() (networking-stable-20_09_24).
- net: lantiq: use netif_tx_napi_add() for TX NAPI (networking-stable-20_09_24).
- net: lantiq: Wake TX queue again (networking-stable-20_09_24).
- net/mlx5e: Enable adding peer miss rules only if merged eswitch is supported (networking-stable-20_09_24).
- net/mlx5e: TLS, Do not expose FPGA TLS counter if not supported (networking-stable-20_09_24).
- net/mlx5: Fix FTE cleanup (networking-stable-20_09_24).
- net: mscc: ocelot: fix race condition with TX timestamping (bsc#1178461).
- net: phy: Avoid NPD upon phy_detach() when driver is unbound (networking-stable-20_09_24).
- net: phy: Do not warn in phy_stop() on PHY_DOWN (networking-stable-20_09_24).
- net: qrtr: fix usage of idr in port assignment to socket (networking-stable-20_08_24).
- net/sched: act_ct: Fix skb double-free in tcf_ct_handle_fragments() error flow (networking-stable-20_08_24).
- net: sctp: Fix IPv6 ancestor_size calc in sctp_copy_descendant (networking-stable-20_09_24).
- net: sctp: Fix negotiation of the number of data streams (networking-stable-20_08_24).
- net/smc: Prevent kernel-infoleak in __smc_diag_dump() (networking-stable-20_08_24).
- net: systemport: Fix memleak in bcm_sysport_probe (networking-stable-20_09_11).
- net: usb: dm9601: Add USB ID of Keenetic Plus DSL (networking-stable-20_09_11).
- net: usb: qmi_wwan: add Cellient MPL200 card (git-fixes).
- net: usb: rtl8150: set random MAC address when set_ethernet_addr() fails (git-fixes).
- net: wireless: nl80211: fix out-of-bounds access in nl80211_del_key() (git-fixes).
- nfc: Ensure presence of NFC_ATTR_FIRMWARE_NAME attribute in nfc_genl_fw_download() (git-fixes).
- nfp: use correct define to return NONE fec (networking-stable-20_09_24).
- nl80211: fix non-split wiphy information (git-fixes).
- NTB: hw: amd: fix an issue about leak system resources (git-fixes).
- ntb: intel: Fix memleak in intel_ntb_pci_probe (git-fixes).
- nvme-rdma: fix crash due to incorrect cqe (bsc#1174748).
- nvme-rdma: fix crash when connect rejected (bsc#1174748).
- overflow: Include header file with SIZE_MAX declaration (git-fixes).
- p54: avoid accessing the data mapped to streaming DMA (git-fixes).
- PCI: aardvark: Check for errors from pci_bridge_emul_init() call (git-fixes).
- PCI/ACPI: Whitelist hotplug ports for D3 if power managed by ACPI (git-fixes).
- percpu: fix first chunk size calculation for populated bitmap (git-fixes (mm/percpu)).
- perf/x86/amd: Fix sampling Large Increment per Cycle events (bsc#1152489).
- perf/x86: Fix n_pair for cancelled txn (bsc#1152489).
- pinctrl: mcp23s08: Fix mcp23x17 precious range (git-fixes).
- pinctrl: mcp23s08: Fix mcp23x17_regmap initialiser (git-fixes).
- PKCS#7: Check codeSigning EKU for kernel module and kexec pe verification.
- PKCS#7: Check codeSigning EKU for kernel module and kexec pe verification (bsc#1177353).
- platform/x86: mlx-platform: Remove PSU EEPROM configuration (git-fixes).
- PM: hibernate: Batch hibernate and resume IO requests (bsc#1178079).
- PM: hibernate: remove the bogus call to get_gendisk() in software_resume() (git-fixes).
- PM: runtime: Drop runtime PM references to supplier on link removal (git-fixes).
- powerpc/book3s64/radix: Make radix_mem_block_size 64bit (bsc#1055186 ltc#153436 git-fixes).
- powerpc: Fix undetected data corruption with P9N DD2.1 VSX CI load emulation (bsc#1065729).
- powerpc/hwirq: Remove stale forward irq_chip declaration (bsc#1065729).
- powerpc/icp-hv: Fix missing of_node_put() in success path (bsc#1065729).
- powerpc/irq: Drop forward declaration of struct irqaction (bsc#1065729).
- powerpc/papr_scm: Fix warning triggered by perf_stats_show() (bsc#1175052 jsc#SLE-13823 bsc#1174969 jsc#SLE-12769 git-fixes).
- powerpc/perf/hv-gpci: Fix starting index value (bsc#1065729).
- powerpc/powernv/dump: Fix race while processing OPAL dump (bsc#1065729).
- powerpc/powernv/elog: Fix race while processing OPAL error log event (bsc#1065729).
- powerpc/pseries: Avoid using addr_to_pfn in real mode (jsc#SLE-9246 git-fixes).
- powerpc/pseries: explicitly reschedule during drmem_lmb list traversal (bsc#1077428 ltc#163882 git-fixes).
- powerpc/pseries: Fix missing of_node_put() in rng_init() (bsc#1065729).
- power: supply: bq27xxx: report 'not charging' on all types (git-fixes).
- power: supply: test_power: add missing newlines when printing parameters by sysfs (git-fixes).
- pwm: img: Fix null pointer access in probe (git-fixes).
- pwm: lpss: Add range limit check for the base_unit register value (git-fixes).
- pwm: lpss: Fix off by one error in base_unit math in pwm_lpss_prepare() (git-fixes).
- qtnfmac: fix resource leaks on unsupported iftype error return path (git-fixes).
- r8169: fix issue with forced threading in combination with shared interrupts (git-fixes).
- r8169: fix operation under forced interrupt threading (git-fixes).
- rapidio: fix the missed put_device() for rio_mport_add_riodev (git-fixes).
- regulator: defer probe when trying to get voltage from unresolved supply (git-fixes).
- reset: sti: reset-syscfg: fix struct description warnings (git-fixes).
- ring-buffer: Return 0 on success from ring_buffer_resize() (git-fixes).
- rpm/kernel-module-subpackage: make Group tag optional (bsc#1163592)
- rtc: rx8010: do not modify the global rtc ops (git-fixes).
- rtl8xxxu: prevent potential memory leak (git-fixes).
- rtw88: increse the size of rx buffer size (git-fixes).
- s390/cio: add cond_resched() in the slow_eval_known_fn() loop (bsc#1177799 LTC#188733).
- s390/dasd: Fix zero write for FBA devices (bsc#1177801 LTC#188735).
- scsi: ibmvfc: Fix error return in ibmvfc_probe() (bsc#1065729).
- scsi: ibmvscsi: Fix potential race after loss of transport (bsc#1178166 ltc#188226).
- scsi: mptfusion: Do not use GFP_ATOMIC for larger DMA allocations (bsc#1175898, ECO-2743).
- sctp: not disable bh in the whole sctp_get_port_local() (networking-stable-20_09_11).
- selftests/timers: Turn off timeout setting (git-fixes).
- serial: 8250_mtk: Fix uart_get_baud_rate warning (git-fixes).
- serial: txx9: add missing platform_driver_unregister() on error in serial_txx9_init (git-fixes).
- slimbus: core: check get_addr before removing laddr ida (git-fixes).
- slimbus: core: do not enter to clock pause mode in core (git-fixes).
- slimbus: qcom-ngd-ctrl: disable ngd in qmi server down callback (git-fixes).
- soc: fsl: qbman: Fix return value on success (git-fixes).
- spi: spi-s3c64xx: Check return values (git-fixes).
- spi: spi-s3c64xx: swap s3c64xx_spi_set_cs() and s3c64xx_enable_datapath() (git-fixes).
- staging: comedi: cb_pcidas: Allow 2-channel commands for AO subdevice (git-fixes).
- staging: comedi: check validity of wMaxPacketSize of usb endpoints found (git-fixes).
- staging: octeon: Drop on uncorrectable alignment or FCS error (git-fixes).
- staging: octeon: repair 'fixed-link' support (git-fixes).
- staging: rtl8192u: Do not use GFP_KERNEL in atomic context (git-fixes).
- taprio: Fix allowing too small intervals (networking-stable-20_09_24).
- time: Prevent undefined behaviour in timespec64_to_ns() (bsc#1164648).
- tipc: fix memory leak caused by tipc_buf_append() (git-fixes).
- tipc: Fix memory leak in tipc_group_create_member() (networking-stable-20_09_24).
- tipc: fix shutdown() of connectionless socket (networking-stable-20_09_11).
- tipc: fix shutdown() of connection oriented socket (networking-stable-20_09_24).
- tipc: fix the skb_unshare() in tipc_buf_append() (git-fixes).
- tipc: fix uninit skb->data in tipc_nl_compat_dumpit() (networking-stable-20_08_24).
- tipc: use skb_unshare() instead in tipc_buf_append() (networking-stable-20_09_24).
- tracing: Check return value of __create_val_fields() before using its result (git-fixes).
- tracing: Save normal string variables (git-fixes).
- tty: ipwireless: fix error handling (git-fixes).
- tty: serial: fsl_lpuart: fix lpuart32_poll_get_char (git-fixes).
- uio: free uio id after uio file node is freed (git-fixes).
- USB: adutux: fix debugging (git-fixes).
- usb: cdc-acm: add quirk to blacklist ETAS ES58X devices (git-fixes).
- usb: cdc-acm: fix cooldown mechanism (git-fixes).
- USB: cdc-acm: handle broken union descriptors (git-fixes).
- USB: cdc-wdm: Make wdm_flush() interruptible and add wdm_fsync() (git-fixes).
- usb: core: Solve race condition in anchor cleanup functions (git-fixes).
- usb: dwc2: Fix INTR OUT transfers in DDMA mode (git-fixes).
- usb: dwc2: Fix parameter type in function pointer prototype (git-fixes).
- usb: dwc3: core: add phy cleanup for probe error handling (git-fixes).
- usb: dwc3: core: do not trigger runtime pm when remove driver (git-fixes).
- usb: dwc3: ep0: Fix ZLP for OUT ep0 requests (git-fixes).
- usb: dwc3: gadget: Resume pending requests after CLEAR_STALL (git-fixes).
- usb: dwc3: pci: Allow Elkhart Lake to utilize DSM method for PM functionality (git-fixes).
- usb: dwc3: simple: add support for Hikey 970 (git-fixes).
- usb: gadget: f_ncm: allow using NCM in SuperSpeed Plus gadgets (git-fixes).
- usb: gadget: f_ncm: fix ncm_bitrate for SuperSpeed and above (git-fixes).
- usb: gadget: function: printer: fix use-after-free in __lock_acquire (git-fixes).
- usb: gadget: u_ether: enable qmult on SuperSpeed Plus as well (git-fixes).
- usblp: fix race between disconnect() and read() (git-fixes).
- usb: mtu3: fix panic in mtu3_gadget_stop() (git-fixes).
- usb: ohci: Default to per-port over-current protection (git-fixes).
- USB: serial: cyberjack: fix write-URB completion race (git-fixes).
- USB: serial: ftdi_sio: add support for FreeCalypso JTAG+UART adapters (git-fixes).
- USB: serial: option: add Cellient MPL200 card (git-fixes).
- USB: serial: option: Add Telit FT980-KS composition (git-fixes).
- USB: serial: pl2303: add device-id for HP GC device (git-fixes).
- USB: serial: qcserial: fix altsetting probing (git-fixes).
- usb: typec: tcpm: During PR_SWAP, source caps should be sent only after tSwapSourceStart (git-fixes).
- usb: xhci-mtk: Fix typo (git-fixes).
- usb: xhci: omit duplicate actions when suspending a runtime suspended host (git-fixes).
- video: hyperv: hyperv_fb: Obtain screen resolution from Hyper-V host (bsc#1175306).
- video: hyperv: hyperv_fb: Support deferred IO for Hyper-V frame buffer driver (bsc#1175306).
- video: hyperv: hyperv_fb: Use physical memory for fb on HyperV Gen 1 VMs (bsc#1175306).
- VMCI: check return value of get_user_pages_fast() for errors (git-fixes).
- w1: mxc_w1: Fix timeout resolution problem leading to bus error (git-fixes).
- watchdog: Fix memleak in watchdog_cdev_register (git-fixes).
- watchdog: sp5100: Fix definition of EFCH_PM_DECODEEN3 (git-fixes).
- watchdog: Use put_device on error (git-fixes).
- wcn36xx: Fix reported 802.11n rx_highest rate wcn3660/wcn3680 (git-fixes).
- writeback: Avoid skipping inode writeback (bsc#1177755).
- writeback: Fix sync livelock due to b_dirty_time processing (bsc#1177755).
- writeback: Protect inode->i_io_list with inode->i_lock (bsc#1177755).
- X.509: Add CodeSigning extended key usage parsing (bsc#1177353).
- x86/alternative: Do not call text_poke() in lazy TLB mode (bsc#1175749).
- x86/fpu: Allow multiple bits in clearcpuid= parameter (bsc#1152489).
- x86/ioapic: Unbreak check_timer() (bsc#1152489).
- x86/kexec: Use up-to-dated screen_info copy to fill boot params (bsc#1175306).
- x86/{mce,mm}: Unmap the entire page if the whole page is affected and poisoned (bsc#1177765).
- x86/mm: unencrypted non-blocking DMA allocations use coherent pools (bsc#1175898, ECO-2743).
- x86/xen: disable Firmware First mode for correctable memory errors (bsc#1176713).
- xen/blkback: use lateeoi irq binding (XSA-332 bsc#1177411).
- xen/events: add a new 'late EOI' evtchn framework (XSA-332 bsc#1177411).
- xen/events: add a proper barrier to 2-level uevent unmasking (XSA-332 bsc#1177411).
- xen/events: avoid removing an event channel while handling it (XSA-331 bsc#1177410).
- xen/events: block rogue events for some time (XSA-332 bsc#1177411).
- xen/events: defer eoi in case of excessive number of events (XSA-332 bsc#1177411).
- xen/events: fix race in evtchn_fifo_unmask() (XSA-332 bsc#1177411).
- xen/events: switch user event channels to lateeoi model (XSA-332 bsc#1177411).
- xen/events: use a common cpu hotplug hook for event channels (XSA-332 bsc#1177411).
- xen/gntdev.c: Mark pages as dirty (bsc#1065600).
- xen/netback: use lateeoi irq binding (XSA-332 bsc#1177411).
- xen/pciback: use lateeoi irq binding (XSA-332 bsc#1177411).
- xen/pvcallsback: use lateeoi irq binding (XSA-332 bsc#1177411).
- xen/scsiback: use lateeoi irq binding (XSA-332 bsc#1177411).
- xfs: complain if anyone tries to create a too-large buffer log item (bsc#1166146).
- xfs: do not update mtime on COW faults (bsc#1167030).
- xfs: fix high key handling in the rt allocator's query_range function (git-fixes).
- xfs: fix scrub flagging rtinherit even if there is no rt device (git-fixes).
- xfs: fix xfs_bmap_validate_extent_raw when checking attr fork of rt files (git-fixes).
- xfs: flush new eof page on truncate to avoid post-eof corruption (git-fixes).
- xfs: force the log after remapping a synchronous-writes file (git-fixes).
- xfs: introduce XFS_MAX_FILEOFF (bsc#1166166).
- xfs: limit entries returned when counting fsmap records (git-fixes).
- xfs: remove unused variable 'done' (bsc#1166166).
- xfs: set xefi_discard when creating a deferred agfl free log intent item (git-fixes).
- xfs: truncate should remove all blocks, not just to the end of the page cache (bsc#1166166).
- xhci: do not create endpoint debugfs entry before ring buffer is set (git-fixes).
Patchnames: openSUSE-2020-1906
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
4.4 (Medium)
Affected products
Recommended
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.50.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.50.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.50.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.50.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-5.3.18-lp152.50.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.50.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.50.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.50.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.50.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.50.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-5.3.18-lp152.50.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.50.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.7 (Medium)
Affected products
Recommended
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.50.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.50.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.50.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.50.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-5.3.18-lp152.50.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.50.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.50.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.50.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.50.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.50.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-5.3.18-lp152.50.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.50.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.50.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.50.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.50.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.50.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-5.3.18-lp152.50.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.50.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.2 (Medium)
Affected products
Recommended
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.50.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.50.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.50.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.50.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-5.3.18-lp152.50.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.50.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.4 (High)
Affected products
Recommended
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.50.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.50.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.50.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.50.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-5.3.18-lp152.50.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.50.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.1 (Medium)
Affected products
Recommended
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.50.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.50.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.50.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.50.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-5.3.18-lp152.50.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.50.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.50.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
110 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\n\nThe openSUSE Leap 15.2 kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2020-25704: Fixed a memory leak in perf_event_parse_addr_filter() (bsc#1178393).\n- CVE-2020-25668: Make FONTX ioctl use the tty pointer they were actually passed (bsc#1178123).\n- CVE-2020-25656: Extend func_buf_lock to readers (bnc#1177766).\n- CVE-2020-25285: Fixed a race condition between hugetlb sysctl handlers in mm/hugetlb.c in the Linux kernel could be used by local attackers to corrupt memory, cause a NULL pointer dereference, or possibly have unspecified other impact, aka CID-17743798d812 (bnc#1176485).\n- CVE-2020-14351: Fixed race in the perf_mmap_close() function (bsc#1177086).\n- CVE-2020-8694: Restrict energy meter to root access (bsc#1170415).\n- CVE-2020-16120: Check permission to open real file in overlayfs (bsc#1177470).\n- CVE-2020-25705: A ICMP global rate limiting side-channel was removed which could lead to e.g. the SADDNS attack (bsc#1175721)\n\nThe following non-security bugs were fixed:\n\n- ACPI: Always build evged in (git-fixes).\n- ACPI: button: fix handling lid state changes when input device closed (git-fixes).\n- ACPI: configfs: Add missing config_item_put() to fix refcount leak (git-fixes).\n- acpi-cpufreq: Honor _PSD table setting on new AMD CPUs (git-fixes).\n- ACPI: debug: do not allow debugging when ACPI is disabled (git-fixes).\n- ACPI / extlog: Check for RDMSR failure (git-fixes).\n- ACPI: video: use ACPI backlight for HP 635 Notebook (git-fixes).\n- act_ife: load meta modules before tcf_idr_check_alloc() (networking-stable-20_09_24).\n- Add CONFIG_CHECK_CODESIGN_EKU\n- ALSA: ac97: (cosmetic) align argument names (git-fixes).\n- ALSA: aoa: i2sbus: use DECLARE_COMPLETION_ONSTACK() macro (git-fixes).\n- ALSA: asihpi: fix spellint typo in comments (git-fixes).\n- ALSA: atmel: ac97: clarify operator precedence (git-fixes).\n- ALSA: bebob: potential info leak in hwdep_read() (git-fixes).\n- ALSA: compress_offload: remove redundant initialization (git-fixes).\n- ALSA: core: init: use DECLARE_COMPLETION_ONSTACK() macro (git-fixes).\n- ALSA: core: pcm: simplify locking for timers (git-fixes).\n- ALSA: core: timer: clarify operator precedence (git-fixes).\n- ALSA: core: timer: remove redundant assignment (git-fixes).\n- ALSA: ctl: Workaround for lockdep warning wrt card-\u003ectl_files_rwlock (git-fixes).\n- ALSA: fireworks: use semicolons rather than commas to separate statements (git-fixes).\n- ALSA: fix kernel-doc markups (git-fixes).\n- ALSA: hda: auto_parser: remove shadowed variable declaration (git-fixes).\n- ALSA: hda: (cosmetic) align function parameters (git-fixes).\n- ALSA: hda - Do not register a cb func if it is registered already (git-fixes).\n- ALSA: hda - Fix the return value if cb func is already registered (git-fixes).\n- ALSA: hda/hdmi: fix incorrect locking in hdmi_pcm_close (git-fixes).\n- ALSA: hda: prevent undefined shift in snd_hdac_ext_bus_get_link() (git-fixes).\n- ALSA: hda/realtek - Add mute Led support for HP Elitebook 845 G7 (git-fixes).\n- ALSA: hda/realtek: Enable audio jacks of ASUS D700SA with ALC887 (git-fixes).\n- ALSA: hda/realtek - Enable headphone for ASUS TM420 (git-fixes).\n- ALSA: hda/realtek - Fixed HP headset Mic can\u0027t be detected (git-fixes).\n- ALSA: hda/realtek - set mic to auto detect on a HP AIO machine (git-fixes).\n- ALSA: hda/realtek - The front Mic on a HP machine does not work (git-fixes).\n- ALSA: hda: use semicolons rather than commas to separate statements (git-fixes).\n- ALSA: hdspm: Fix typo arbitary (git-fixes).\n- ALSA: mixart: Correct comment wrt obsoleted tasklet usage (git-fixes).\n- ALSA: portman2x4: fix repeated word \u0027if\u0027 (git-fixes).\n- ALSA: rawmidi: (cosmetic) align function parameters (git-fixes).\n- ALSA: seq: oss: Avoid mutex lock for a long-time ioctl (git-fixes).\n- ALSA: sparc: dbri: fix repeated word \u0027the\u0027 (git-fixes).\n- ALSA: usb-audio: Add implicit feedback quirk for MODX (git-fixes).\n- ALSA: usb-audio: Add implicit feedback quirk for Qu-16 (git-fixes).\n- ALSA: usb-audio: Add implicit feedback quirk for Zoom UAC-2 (git-fixes).\n- ALSA: usb-audio: Add mixer support for Pioneer DJ DJM-250MK2 (git-fixes).\n- ALSA: usb-audio: add usb vendor id as DSD-capable for Khadas devices (git-fixes).\n- ALSA: usb-audio: endpoint.c: fix repeated word \u0027there\u0027 (git-fixes).\n- ALSA: usb-audio: fix spelling mistake \u0027Frequence\u0027 -\u003e \u0027Frequency\u0027 (git-fixes).\n- ALSA: usb-audio: Line6 Pod Go interface requires static clock rate quirk (git-fixes).\n- ALSA: usb: scarless_gen2: fix endianness issue (git-fixes).\n- ALSA: vx: vx_core: clarify operator precedence (git-fixes).\n- ALSA: vx: vx_pcm: remove redundant assignment (git-fixes).\n- ASoC: codecs: wcd9335: Set digital gain range correctly (git-fixes).\n- ASoC: cs42l51: manage mclk shutdown delay (git-fixes).\n- ASoC: fsl: imx-es8328: add missing put_device() call in imx_es8328_probe() (git-fixes).\n- ASoC: fsl_sai: Instantiate snd_soc_dai_driver (git-fixes).\n- ASoC: Intel: kbl_rt5663_max98927: Fix kabylake_ssp_fixup function (git-fixes).\n- ASoC: qcom: lpass-cpu: fix concurrency issue (git-fixes).\n- ASoC: qcom: lpass-platform: fix memory leak (git-fixes).\n- ASoC: qcom: sdm845: set driver name correctly (git-fixes).\n- ASoC: sun50i-codec-analog: Fix duplicate use of ADC enable bits (git-fixes).\n- ASoC: tlv320aic32x4: Fix bdiv clock rate derivation (git-fixes).\n- ata: sata_rcar: Fix DMA boundary mask (git-fixes).\n- ath10k: check idx validity in __ath10k_htt_rx_ring_fill_n() (git-fixes).\n- ath10k: Fix the size used in a \u0027dma_free_coherent()\u0027 call in an error handling path (git-fixes).\n- ath10k: fix VHT NSS calculation when STBC is enabled (git-fixes).\n- ath10k: provide survey info as accumulated data (git-fixes).\n- ath10k: start recovery process when payload length exceeds max htc length for sdio (git-fixes).\n- ath6kl: prevent potential array overflow in ath6kl_add_new_sta() (git-fixes).\n- ath6kl: wmi: prevent a shift wrapping bug in ath6kl_wmi_delete_pstream_cmd() (git-fixes).\n- ath9k: Fix potential out of bounds in ath9k_htc_txcompletion_cb() (git-fixes).\n- ath9k: hif_usb: fix race condition between usb_get_urb() and usb_kill_anchored_urbs() (git-fixes).\n- ath9k_htc: Use appropriate rs_datalen type (git-fixes).\n- backlight: sky81452-backlight: Fix refcount imbalance on error (git-fixes).\n- blk-mq: order adding requests to hctx-\u003edispatch and checking SCHED_RESTART (bsc#1177750).\n- block: ensure bdi-\u003eio_pages is always initialized (bsc#1177749).\n- block: Fix page_is_mergeable() for compound pages (bsc#1177814).\n- block: Set same_page to false in __bio_try_merge_page if ret is false (git-fixes).\n- Bluetooth: btusb: Fix memleak in btusb_mtk_submit_wmt_recv_urb (git-fixes).\n- Bluetooth: hci_uart: Cancel init work before unregistering (git-fixes).\n- Bluetooth: MGMT: Fix not checking if BT_HS is enabled (git-fixes).\n- Bluetooth: Only mark socket zapped after unlocking (git-fixes).\n- bnxt_en: Protect bnxt_set_eee() and bnxt_set_pauseparam() with mutex (git-fixes).\n- bonding: show saner speed for broadcast mode (networking-stable-20_08_24).\n- brcm80211: fix possible memleak in brcmf_proto_msgbuf_attach (git-fixes).\n- brcmfmac: check ndev pointer (git-fixes).\n- brcmsmac: fix memory leak in wlc_phy_attach_lcnphy (git-fixes).\n- btrfs: Account for merged patches upstream Move below patches to sorted section.\n- btrfs: add owner and fs_info to alloc_state io_tree (bsc#1177854).\n- btrfs: allocate scrub workqueues outside of locks (bsc#1178183).\n- btrfs: cleanup cow block on error (bsc#1178584).\n- btrfs: do not force read-only after error in drop snapshot (bsc#1176354).\n- btrfs: drop path before adding new uuid tree entry (bsc#1178176).\n- btrfs: fix filesystem corruption after a device replace (bsc#1178395).\n- btrfs: fix NULL pointer dereference after failure to create snapshot (bsc#1178190).\n- btrfs: fix overflow when copying corrupt csums for a message (bsc#1178191).\n- btrfs: fix space cache memory leak after transaction abort (bsc#1178173).\n- btrfs: move btrfs_rm_dev_replace_free_srcdev outside of all locks (bsc#1178395).\n- btrfs: move btrfs_scratch_superblocks into btrfs_dev_replace_finishing (bsc#1178395).\n- btrfs: qgroup: fix qgroup meta rsv leak for subvolume operations (bsc#1177856).\n- btrfs: qgroup: fix wrong qgroup metadata reserve for delayed inode (bsc#1177855).\n- btrfs: reschedule if necessary when logging directory items (bsc#1178585).\n- btrfs: send, orphanize first all conflicting inodes when processing references (bsc#1178579).\n- btrfs: send, recompute reference path after orphanization of a directory (bsc#1178581).\n- btrfs: set the correct lockdep class for new nodes (bsc#1178184).\n- btrfs: set the lockdep class for log tree extent buffers (bsc#1178186).\n- btrfs: tree-checker: fix false alert caused by legacy btrfs root item (bsc#1177861).\n- can: can_create_echo_skb(): fix echo skb generation: always use skb_clone() (git-fixes).\n- can: c_can: reg_map_{c,d}_can: mark as __maybe_unused (git-fixes).\n- can: dev: __can_get_echo_skb(): fix real payload length return value for RTR frames (git-fixes).\n- can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ context (git-fixes).\n- can: flexcan: flexcan_chip_stop(): add error handling and propagate error value (git-fixes).\n- can: flexcan: flexcan_remove(): disable wakeup completely (git-fixes).\n- can: flexcan: remove ack_grp and ack_bit handling from driver (git-fixes).\n- can: flexcan: remove FLEXCAN_QUIRK_DISABLE_MECR quirk for LS1021A (git-fixes).\n- can: peak_canfd: pucan_handle_can_rx(): fix echo management when loopback is on (git-fixes).\n- can: peak_usb: add range checking in decode operations (git-fixes).\n- can: peak_usb: peak_usb_get_ts_time(): fix timestamp wrapping (git-fixes).\n- can: rx-offload: do not call kfree_skb() from IRQ context (git-fixes).\n- can: softing: softing_card_shutdown(): add braces around empty body in an \u0027if\u0027 statement (git-fixes).\n- ceph: promote to unsigned long long before shifting (bsc#1178175).\n- clk: at91: clk-main: update key before writing AT91_CKGR_MOR (git-fixes).\n- clk: at91: remove the checking of parent_name (git-fixes).\n- clk: bcm2835: add missing release if devm_clk_hw_register fails (git-fixes).\n- clk: imx8mq: Fix usdhc parents order (git-fixes).\n- clk: keystone: sci-clk: fix parsing assigned-clock data during probe (git-fixes).\n- clk: meson: g12a: mark fclk_div2 as critical (git-fixes).\n- clk: qcom: gcc-sdm660: Fix wrong parent_map (git-fixes).\n- crypto: ccp - fix error handling (git-fixes).\n- cxgb4: fix memory leak during module unload (networking-stable-20_09_24).\n- cxgb4: Fix offset when clearing filter byte counters (networking-stable-20_09_24).\n- cxl: Rework error message for incompatible slots (bsc#1055014 git-fixes).\n- dax: Fix compilation for CONFIG_DAX \u0026\u0026 !CONFIG_FS_DAX (bsc#1177817).\n- Disable module compression on SLE15 SP2 (bsc#1178307)\n- dma-direct: add missing set_memory_decrypted() for coherent mapping (bsc#1175898, ECO-2743).\n- dma-direct: always align allocation size in dma_direct_alloc_pages() (bsc#1175898, ECO-2743).\n- dma-direct: atomic allocations must come from atomic coherent pools (bsc#1175898, ECO-2743).\n- dma-direct: check return value when encrypting or decrypting memory (bsc#1175898, ECO-2743).\n- dma-direct: consolidate the error handling in dma_direct_alloc_pages (bsc#1175898, ECO-2743).\n- dma-direct: make uncached_kernel_address more general (bsc#1175898, ECO-2743).\n- dma-direct: provide function to check physical memory area validity (bsc#1175898, ECO-2743).\n- dma-direct: provide mmap and get_sgtable method overrides (bsc#1175898, ECO-2743).\n- dma-direct: re-encrypt memory if dma_direct_alloc_pages() fails (bsc#1175898, ECO-2743).\n- dma-direct: remove __dma_direct_free_pages (bsc#1175898, ECO-2743).\n- dma-direct: remove the dma_handle argument to __dma_direct_alloc_pages (bsc#1175898, ECO-2743).\n- dmaengine: dma-jz4780: Fix race in jz4780_dma_tx_status (git-fixes).\n- dmaengine: dmatest: Check list for emptiness before access its last entry (git-fixes).\n- dmaengine: dw: Activate FIFO-mode for memory peripherals only (git-fixes).\n- dma-mapping: add a dma_can_mmap helper (bsc#1175898, ECO-2743).\n- dma-mapping: always use VM_DMA_COHERENT for generic DMA remap (bsc#1175898, ECO-2743).\n- dma-mapping: DMA_COHERENT_POOL should select GENERIC_ALLOCATOR (bsc#1175898, ECO-2743).\n- dma-mapping: make dma_atomic_pool_init self-contained (bsc#1175898, ECO-2743).\n- dma-mapping: merge the generic remapping helpers into dma-direct (bsc#1175898, ECO-2743).\n- dma-mapping: remove arch_dma_mmap_pgprot (bsc#1175898, ECO-2743).\n- dma-mapping: warn when coherent pool is depleted (bsc#1175898, ECO-2743).\n- dma-pool: add additional coherent pools to map to gfp mask (bsc#1175898, ECO-2743).\n- dma-pool: add pool sizes to debugfs (bsc#1175898, ECO-2743).\n- dma-pool: decouple DMA_REMAP from DMA_COHERENT_POOL (bsc#1175898, ECO-2743).\n- dma-pool: do not allocate pool memory from CMA (bsc#1175898, ECO-2743).\n- dma-pool: dynamically expanding atomic pools (bsc#1175898, ECO-2743).\n- dma-pool: Fix an uninitialized variable bug in atomic_pool_expand() (bsc#1175898, ECO-2743).\n- dma-pool: fix coherent pool allocations for IOMMU mappings (bsc#1175898, ECO-2743).\n- dma-pool: fix too large DMA pools on medium memory size systems (bsc#1175898, ECO-2743).\n- dma-pool: get rid of dma_in_atomic_pool() (bsc#1175898, ECO-2743).\n- dma-pool: introduce dma_guess_pool() (bsc#1175898, ECO-2743).\n- dma-pool: make sure atomic pool suits device (bsc#1175898, ECO-2743).\n- dma-pool: Only allocate from CMA when in same memory zone (bsc#1175898, ECO-2743).\n- dma-pool: scale the default DMA coherent pool size with memory capacity (bsc#1175898, ECO-2743).\n- dma-remap: separate DMA atomic pools from direct remap code (bsc#1175898, ECO-2743).\n- dm: Call proper helper to determine dax support (bsc#1177817).\n- dm/dax: Fix table reference counts (bsc#1178246).\n- docs: driver-api: remove a duplicated index entry (git-fixes).\n- drivers: watchdog: rdc321x_wdt: Fix race condition bugs (git-fixes).\n- EDAC/i5100: Fix error handling order in i5100_init_one() (bsc#1152489).\n- eeprom: at25: set minimum read/write access stride to 1 (git-fixes).\n- exfat: fix name_hash computation on big endian systems (git-fixes).\n- exfat: fix overflow issue in exfat_cluster_to_sector() (git-fixes).\n- exfat: fix possible memory leak in exfat_find() (git-fixes).\n- exfat: fix use of uninitialized spinlock on error path (git-fixes).\n- exfat: fix wrong hint_stat initialization in exfat_find_dir_entry() (git-fixes).\n- exfat: fix wrong size update of stream entry by typo (git-fixes).\n- extcon: ptn5150: Fix usage of atomic GPIO with sleeping GPIO chips (git-fixes).\n- futex: Adjust absolute futex timeouts with per time namespace offset (bsc#1164648).\n- futex: Consistently use fshared as boolean (bsc#1149032).\n- futex: Fix incorrect should_fail_futex() handling (bsc#1149032).\n- futex: Remove put_futex_key() (bsc#1149032).\n- futex: Remove unused or redundant includes (bsc#1149032).\n- gre6: Fix reception with IP6_TNL_F_RCV_DSCP_COPY (networking-stable-20_08_24).\n- gtp: add GTPA_LINK info to msg sent to userspace (networking-stable-20_09_11).\n- HID: hid-input: fix stylus battery reporting (git-fixes).\n- HID: ite: Add USB id match for Acer One S1003 keyboard dock (git-fixes).\n- HID: roccat: add bounds checking in kone_sysfs_write_settings() (git-fixes).\n- HID: wacom: Avoid entering wacom_wac_pen_report for pad / battery (git-fixes).\n- hyperv_fb: Update screen_info after removing old framebuffer (bsc#1175306).\n- i2c: core: Restore acpi_walk_dep_device_list() getting called after registering the ACPI i2c devs (git-fixes).\n- i2c: imx: Fix external abort on interrupt in exit paths (git-fixes).\n- i2c: rcar: Auto select RESET_CONTROLLER (git-fixes).\n- i3c: master add i3c_master_attach_boardinfo to preserve boardinfo (git-fixes).\n- i3c: master: Fix error return in cdns_i3c_master_probe() (git-fixes).\n- ibmveth: Identify ingress large send packets (bsc#1178185 ltc#188897).\n- ibmveth: Switch order of ibmveth_helper calls (bsc#1061843 git-fixes).\n- ibmvnic: fix ibmvnic_set_mac (bsc#1066382 ltc#160943 git-fixes).\n- ibmvnic: save changed mac address to adapter-\u003emac_addr (bsc#1134760 ltc#177449 git-fixes).\n- ibmvnic: set up 200GBPS speed (bsc#1129923 git-fixes).\n- icmp: randomize the global rate limiter (git-fixes).\n- ida: Free allocated bitmap in error path (git-fixes).\n- iio:accel:bma180: Fix use of true when should be iio_shared_by enum (git-fixes).\n- iio: adc: gyroadc: fix leak of device node iterator (git-fixes).\n- iio: adc: stm32-adc: fix runtime autosuspend delay when slow polling (git-fixes).\n- iio:adc:ti-adc0832 Fix alignment issue with timestamp (git-fixes).\n- iio:adc:ti-adc12138 Fix alignment issue with timestamp (git-fixes).\n- iio:dac:ad5592r: Fix use of true for IIO_SHARED_BY_TYPE (git-fixes).\n- iio:gyro:itg3200: Fix timestamp alignment and prevent data leak (git-fixes).\n- iio:light:si1145: Fix timestamp alignment and prevent data leak (git-fixes).\n- iio:magn:hmc5843: Fix passing true where iio_shared_by enum required (git-fixes).\n- ima: Do not ignore errors from crypto_shash_update() (git-fixes).\n- ima: Remove semicolon at the end of ima_get_binary_runtime_size() (git-fixes).\n- Input: ati_remote2 - add missing newlines when printing module parameters (git-fixes).\n- Input: ep93xx_keypad - fix handling of platform_get_irq() error (git-fixes).\n- Input: imx6ul_tsc - clean up some errors in imx6ul_tsc_resume() (git-fixes).\n- Input: omap4-keypad - fix handling of platform_get_irq() error (git-fixes).\n- Input: stmfts - fix a \u0026 vs \u0026\u0026 typo (git-fixes).\n- Input: sun4i-ps2 - fix handling of platform_get_irq() error (git-fixes).\n- Input: twl4030_keypad - fix handling of platform_get_irq() error (git-fixes).\n- iomap: Make sure iomap_end is called after iomap_begin (bsc#1177754).\n- iommu/vt-d: Gracefully handle DMAR units with no supported address widths (bsc#1177739).\n- ip: fix tos reflection in ack and reset packets (networking-stable-20_09_24).\n- ipmi_si: Fix wrong return value in try_smi_init() (git-fixes).\n- ipv4: Initialize flowi4_multipath_hash in data path (networking-stable-20_09_24).\n- ipv4: Restore flowi4_oif update before call to xfrm_lookup_route (git-fixes).\n- ipv4: Update exception handling for multipath routes via same device (networking-stable-20_09_24).\n- ipv6: avoid lockdep issue in fib6_del() (networking-stable-20_09_24).\n- ipv6: Fix sysctl max for fib_multipath_hash_policy (networking-stable-20_09_11).\n- ipvlan: fix device features (networking-stable-20_08_24).\n- iwlwifi: mvm: split a print to avoid a WARNING in ROC (git-fixes).\n- kABI: Fix kABI after add CodeSigning extended key usage (bsc#1177353).\n- kallsyms: Refactor kallsyms_show_value() to take cred (git-fixes).\n- kbuild: enforce -Werror=return-type (bsc#1177281).\n- KVM: x86/mmu: Commit zap of remaining invalid pages when recovering lpages (git-fixes).\n- leds: bcm6328, bcm6358: use devres LED registering function (git-fixes).\n- leds: mt6323: move period calculation (git-fixes).\n- libceph: clear con-\u003eout_msg on Policy::stateful_server faults (bsc#1178177).\n- lib/crc32.c: fix trivial typo in preprocessor condition (git-fixes).\n- mac80211: handle lack of sband-\u003ebitrates in rates (git-fixes).\n- mailbox: avoid timer start from callback (git-fixes).\n- media: ati_remote: sanity check for both endpoints (git-fixes).\n- media: bdisp: Fix runtime PM imbalance on error (git-fixes).\n- media: exynos4-is: Fix a reference count leak due to pm_runtime_get_sync (git-fixes).\n- media: exynos4-is: Fix a reference count leak (git-fixes).\n- media: exynos4-is: Fix several reference count leaks due to pm_runtime_get_sync (git-fixes).\n- media: firewire: fix memory leak (git-fixes).\n- media: i2c: ov5640: Enable data pins on poweron for DVP mode (git-fixes).\n- media: i2c: ov5640: Remain in power down for DVP mode unless streaming (git-fixes).\n- media: i2c: ov5640: Separate out mipi configuration from s_power (git-fixes).\n- media: imx274: fix frame interval handling (git-fixes).\n- media: media/pci: prevent memory leak in bttv_probe (git-fixes).\n- media: platform: Improve queue set up flow for bug fixing (git-fixes).\n- media: platform: s3c-camif: Fix runtime PM imbalance on error (git-fixes).\n- media: platform: sti: hva: Fix runtime PM imbalance on error (git-fixes).\n- media: rcar_drif: Allocate v4l2_async_subdev dynamically (git-fixes).\n- media: rcar_drif: Fix fwnode reference leak when parsing DT (git-fixes).\n- media: saa7134: avoid a shift overflow (git-fixes).\n- media: st-delta: Fix reference count leak in delta_run_work (git-fixes).\n- media: sti: Fix reference count leaks (git-fixes).\n- media: tw5864: check status of tw5864_frameinterval_get (git-fixes).\n- media: uvcvideo: Ensure all probed info is returned to v4l2 (git-fixes).\n- media: uvcvideo: Fix dereference of out-of-bound list iterator (git-fixes).\n- media: uvcvideo: Fix uvc_ctrl_fixup_xu_info() not having any effect (git-fixes).\n- media: venus: core: Fix runtime PM imbalance in venus_probe (git-fixes).\n- media: vsp1: Fix runtime PM imbalance on error (git-fixes).\n- memory: fsl-corenet-cf: Fix handling of platform_get_irq() error (git-fixes).\n- memory: omap-gpmc: Fix a couple off by ones (git-fixes).\n- memory: omap-gpmc: Fix build error without CONFIG_OF (git-fixes).\n- mfd: sm501: Fix leaks in probe() (git-fixes).\n- mic: vop: copy data to kernel space then write to io memory (git-fixes).\n- misc: mic: scif: Fix error handling path (git-fixes).\n- misc: rtsx: Fix memory leak in rtsx_pci_probe (git-fixes).\n- misc: vop: add round_up(x,4) for vring_size to avoid kernel panic (git-fixes).\n- mmc: sdio: Check for CISTPL_VERS_1 buffer size (git-fixes).\n- mm: do not panic when links can\u0027t be created in sysfs (bsc#1178002).\n- mm: do not rely on system state to detect hot-plug operations (bsc#1178002).\n- mm: fix a race during THP splitting (bsc#1178255).\n- mm/huge_memory.c: use head to check huge zero page (git-fixes (mm/thp)).\n- mm: madvise: fix vma user-after-free (git-fixes).\n- mm/mempolicy.c: fix out of bounds write in mpol_parse_str() (git-fixes (mm/mempolicy)).\n- mm/page-writeback.c: avoid potential division by zero in wb_min_max_ratio() (git-fixes (mm/writeback)).\n- mm/page-writeback.c: improve arithmetic divisions (git-fixes (mm/writeback)).\n- mm: replace memmap_context by meminit_context (bsc#1178002).\n- mm/rmap: fixup copying of soft dirty and uffd ptes (git-fixes (mm/rmap)).\n- mm/swapfile.c: fix potential memory leak in sys_swapon (git-fixes).\n- mm/zsmalloc.c: fix the migrated zspage statistics (git-fixes (mm/zsmalloc)).\n- module: Correctly truncate sysfs sections output (git-fixes).\n- module: Do not expose section addresses to non-CAP_SYSLOG (git-fixes).\n- module: Refactor section attr into bin attribute (git-fixes).\n- module: statically initialize init section freeing data (git-fixes).\n- Move upstreamed BT patch into sorted section\n- mtd: lpddr: Fix bad logic in print_drs_error (git-fixes).\n- mtd: lpddr: fix excessive stack usage with clang (git-fixes).\n- mtd: mtdoops: Do not write panic data twice (git-fixes).\n- mtd: rawnand: stm32_fmc2: fix a buffer overflow (git-fixes).\n- mtd: rawnand: vf610: disable clk on error handling path in probe (git-fixes).\n- mtd: spinand: gigadevice: Add QE Bit (git-fixes).\n- mtd: spinand: gigadevice: Only one dummy byte in QUADIO (git-fixes).\n- mwifiex: do not call del_timer_sync() on uninitialized timer (git-fixes).\n- mwifiex: Do not use GFP_KERNEL in atomic context (git-fixes).\n- mwifiex: fix double free (git-fixes).\n- mwifiex: remove function pointer check (git-fixes).\n- mwifiex: Remove unnecessary braces from HostCmd_SET_SEQ_NO_BSS_INFO (git-fixes).\n- net: bridge: br_vlan_get_pvid_rcu() should dereference the VLAN group under RCU (networking-stable-20_09_24).\n- net/core: check length before updating Ethertype in skb_mpls_{push,pop} (git-fixes).\n- net: DCB: Validate DCB_ATTR_DCB_BUFFER argument (networking-stable-20_09_24).\n- net: disable netpoll on fresh napis (networking-stable-20_09_11).\n- net: dsa: b53: check for timeout (networking-stable-20_08_24).\n- net: dsa: rtl8366: Properly clear member config (networking-stable-20_09_24).\n- net: fec: correct the error path for regulator disable in probe (networking-stable-20_08_24).\n- net: Fix bridge enslavement failure (networking-stable-20_09_24).\n- net: Fix potential wrong skb-\u003eprotocol in skb_vlan_untag() (networking-stable-20_08_24).\n- net: hns: Fix memleak in hns_nic_dev_probe (networking-stable-20_09_11).\n- net: ipv6: fix kconfig dependency warning for IPV6_SEG6_HMAC (networking-stable-20_09_24).\n- netlabel: fix problems with mapping removal (networking-stable-20_09_11).\n- net: lantiq: Disable IRQs only if NAPI gets scheduled (networking-stable-20_09_24).\n- net: lantiq: Use napi_complete_done() (networking-stable-20_09_24).\n- net: lantiq: use netif_tx_napi_add() for TX NAPI (networking-stable-20_09_24).\n- net: lantiq: Wake TX queue again (networking-stable-20_09_24).\n- net/mlx5e: Enable adding peer miss rules only if merged eswitch is supported (networking-stable-20_09_24).\n- net/mlx5e: TLS, Do not expose FPGA TLS counter if not supported (networking-stable-20_09_24).\n- net/mlx5: Fix FTE cleanup (networking-stable-20_09_24).\n- net: mscc: ocelot: fix race condition with TX timestamping (bsc#1178461).\n- net: phy: Avoid NPD upon phy_detach() when driver is unbound (networking-stable-20_09_24).\n- net: phy: Do not warn in phy_stop() on PHY_DOWN (networking-stable-20_09_24).\n- net: qrtr: fix usage of idr in port assignment to socket (networking-stable-20_08_24).\n- net/sched: act_ct: Fix skb double-free in tcf_ct_handle_fragments() error flow (networking-stable-20_08_24).\n- net: sctp: Fix IPv6 ancestor_size calc in sctp_copy_descendant (networking-stable-20_09_24).\n- net: sctp: Fix negotiation of the number of data streams (networking-stable-20_08_24).\n- net/smc: Prevent kernel-infoleak in __smc_diag_dump() (networking-stable-20_08_24).\n- net: systemport: Fix memleak in bcm_sysport_probe (networking-stable-20_09_11).\n- net: usb: dm9601: Add USB ID of Keenetic Plus DSL (networking-stable-20_09_11).\n- net: usb: qmi_wwan: add Cellient MPL200 card (git-fixes).\n- net: usb: rtl8150: set random MAC address when set_ethernet_addr() fails (git-fixes).\n- net: wireless: nl80211: fix out-of-bounds access in nl80211_del_key() (git-fixes).\n- nfc: Ensure presence of NFC_ATTR_FIRMWARE_NAME attribute in nfc_genl_fw_download() (git-fixes).\n- nfp: use correct define to return NONE fec (networking-stable-20_09_24).\n- nl80211: fix non-split wiphy information (git-fixes).\n- NTB: hw: amd: fix an issue about leak system resources (git-fixes).\n- ntb: intel: Fix memleak in intel_ntb_pci_probe (git-fixes).\n- nvme-rdma: fix crash due to incorrect cqe (bsc#1174748).\n- nvme-rdma: fix crash when connect rejected (bsc#1174748).\n- overflow: Include header file with SIZE_MAX declaration (git-fixes).\n- p54: avoid accessing the data mapped to streaming DMA (git-fixes).\n- PCI: aardvark: Check for errors from pci_bridge_emul_init() call (git-fixes).\n- PCI/ACPI: Whitelist hotplug ports for D3 if power managed by ACPI (git-fixes).\n- percpu: fix first chunk size calculation for populated bitmap (git-fixes (mm/percpu)).\n- perf/x86/amd: Fix sampling Large Increment per Cycle events (bsc#1152489).\n- perf/x86: Fix n_pair for cancelled txn (bsc#1152489).\n- pinctrl: mcp23s08: Fix mcp23x17 precious range (git-fixes).\n- pinctrl: mcp23s08: Fix mcp23x17_regmap initialiser (git-fixes).\n- PKCS#7: Check codeSigning EKU for kernel module and kexec pe verification.\n- PKCS#7: Check codeSigning EKU for kernel module and kexec pe verification (bsc#1177353).\n- platform/x86: mlx-platform: Remove PSU EEPROM configuration (git-fixes).\n- PM: hibernate: Batch hibernate and resume IO requests (bsc#1178079).\n- PM: hibernate: remove the bogus call to get_gendisk() in software_resume() (git-fixes).\n- PM: runtime: Drop runtime PM references to supplier on link removal (git-fixes).\n- powerpc/book3s64/radix: Make radix_mem_block_size 64bit (bsc#1055186 ltc#153436 git-fixes).\n- powerpc: Fix undetected data corruption with P9N DD2.1 VSX CI load emulation (bsc#1065729).\n- powerpc/hwirq: Remove stale forward irq_chip declaration (bsc#1065729).\n- powerpc/icp-hv: Fix missing of_node_put() in success path (bsc#1065729).\n- powerpc/irq: Drop forward declaration of struct irqaction (bsc#1065729).\n- powerpc/papr_scm: Fix warning triggered by perf_stats_show() (bsc#1175052 jsc#SLE-13823 bsc#1174969 jsc#SLE-12769 git-fixes).\n- powerpc/perf/hv-gpci: Fix starting index value (bsc#1065729).\n- powerpc/powernv/dump: Fix race while processing OPAL dump (bsc#1065729).\n- powerpc/powernv/elog: Fix race while processing OPAL error log event (bsc#1065729).\n- powerpc/pseries: Avoid using addr_to_pfn in real mode (jsc#SLE-9246 git-fixes).\n- powerpc/pseries: explicitly reschedule during drmem_lmb list traversal (bsc#1077428 ltc#163882 git-fixes).\n- powerpc/pseries: Fix missing of_node_put() in rng_init() (bsc#1065729).\n- power: supply: bq27xxx: report \u0027not charging\u0027 on all types (git-fixes).\n- power: supply: test_power: add missing newlines when printing parameters by sysfs (git-fixes).\n- pwm: img: Fix null pointer access in probe (git-fixes).\n- pwm: lpss: Add range limit check for the base_unit register value (git-fixes).\n- pwm: lpss: Fix off by one error in base_unit math in pwm_lpss_prepare() (git-fixes).\n- qtnfmac: fix resource leaks on unsupported iftype error return path (git-fixes).\n- r8169: fix issue with forced threading in combination with shared interrupts (git-fixes).\n- r8169: fix operation under forced interrupt threading (git-fixes).\n- rapidio: fix the missed put_device() for rio_mport_add_riodev (git-fixes).\n- regulator: defer probe when trying to get voltage from unresolved supply (git-fixes).\n- reset: sti: reset-syscfg: fix struct description warnings (git-fixes).\n- ring-buffer: Return 0 on success from ring_buffer_resize() (git-fixes).\n- rpm/kernel-module-subpackage: make Group tag optional (bsc#1163592)\n- rtc: rx8010: do not modify the global rtc ops (git-fixes).\n- rtl8xxxu: prevent potential memory leak (git-fixes).\n- rtw88: increse the size of rx buffer size (git-fixes).\n- s390/cio: add cond_resched() in the slow_eval_known_fn() loop (bsc#1177799 LTC#188733).\n- s390/dasd: Fix zero write for FBA devices (bsc#1177801 LTC#188735).\n- scsi: ibmvfc: Fix error return in ibmvfc_probe() (bsc#1065729).\n- scsi: ibmvscsi: Fix potential race after loss of transport (bsc#1178166 ltc#188226).\n- scsi: mptfusion: Do not use GFP_ATOMIC for larger DMA allocations (bsc#1175898, ECO-2743).\n- sctp: not disable bh in the whole sctp_get_port_local() (networking-stable-20_09_11).\n- selftests/timers: Turn off timeout setting (git-fixes).\n- serial: 8250_mtk: Fix uart_get_baud_rate warning (git-fixes).\n- serial: txx9: add missing platform_driver_unregister() on error in serial_txx9_init (git-fixes).\n- slimbus: core: check get_addr before removing laddr ida (git-fixes).\n- slimbus: core: do not enter to clock pause mode in core (git-fixes).\n- slimbus: qcom-ngd-ctrl: disable ngd in qmi server down callback (git-fixes).\n- soc: fsl: qbman: Fix return value on success (git-fixes).\n- spi: spi-s3c64xx: Check return values (git-fixes).\n- spi: spi-s3c64xx: swap s3c64xx_spi_set_cs() and s3c64xx_enable_datapath() (git-fixes).\n- staging: comedi: cb_pcidas: Allow 2-channel commands for AO subdevice (git-fixes).\n- staging: comedi: check validity of wMaxPacketSize of usb endpoints found (git-fixes).\n- staging: octeon: Drop on uncorrectable alignment or FCS error (git-fixes).\n- staging: octeon: repair \u0027fixed-link\u0027 support (git-fixes).\n- staging: rtl8192u: Do not use GFP_KERNEL in atomic context (git-fixes).\n- taprio: Fix allowing too small intervals (networking-stable-20_09_24).\n- time: Prevent undefined behaviour in timespec64_to_ns() (bsc#1164648).\n- tipc: fix memory leak caused by tipc_buf_append() (git-fixes).\n- tipc: Fix memory leak in tipc_group_create_member() (networking-stable-20_09_24).\n- tipc: fix shutdown() of connectionless socket (networking-stable-20_09_11).\n- tipc: fix shutdown() of connection oriented socket (networking-stable-20_09_24).\n- tipc: fix the skb_unshare() in tipc_buf_append() (git-fixes).\n- tipc: fix uninit skb-\u003edata in tipc_nl_compat_dumpit() (networking-stable-20_08_24).\n- tipc: use skb_unshare() instead in tipc_buf_append() (networking-stable-20_09_24).\n- tracing: Check return value of __create_val_fields() before using its result (git-fixes).\n- tracing: Save normal string variables (git-fixes).\n- tty: ipwireless: fix error handling (git-fixes).\n- tty: serial: fsl_lpuart: fix lpuart32_poll_get_char (git-fixes).\n- uio: free uio id after uio file node is freed (git-fixes).\n- USB: adutux: fix debugging (git-fixes).\n- usb: cdc-acm: add quirk to blacklist ETAS ES58X devices (git-fixes).\n- usb: cdc-acm: fix cooldown mechanism (git-fixes).\n- USB: cdc-acm: handle broken union descriptors (git-fixes).\n- USB: cdc-wdm: Make wdm_flush() interruptible and add wdm_fsync() (git-fixes).\n- usb: core: Solve race condition in anchor cleanup functions (git-fixes).\n- usb: dwc2: Fix INTR OUT transfers in DDMA mode (git-fixes).\n- usb: dwc2: Fix parameter type in function pointer prototype (git-fixes).\n- usb: dwc3: core: add phy cleanup for probe error handling (git-fixes).\n- usb: dwc3: core: do not trigger runtime pm when remove driver (git-fixes).\n- usb: dwc3: ep0: Fix ZLP for OUT ep0 requests (git-fixes).\n- usb: dwc3: gadget: Resume pending requests after CLEAR_STALL (git-fixes).\n- usb: dwc3: pci: Allow Elkhart Lake to utilize DSM method for PM functionality (git-fixes).\n- usb: dwc3: simple: add support for Hikey 970 (git-fixes).\n- usb: gadget: f_ncm: allow using NCM in SuperSpeed Plus gadgets (git-fixes).\n- usb: gadget: f_ncm: fix ncm_bitrate for SuperSpeed and above (git-fixes).\n- usb: gadget: function: printer: fix use-after-free in __lock_acquire (git-fixes).\n- usb: gadget: u_ether: enable qmult on SuperSpeed Plus as well (git-fixes).\n- usblp: fix race between disconnect() and read() (git-fixes).\n- usb: mtu3: fix panic in mtu3_gadget_stop() (git-fixes).\n- usb: ohci: Default to per-port over-current protection (git-fixes).\n- USB: serial: cyberjack: fix write-URB completion race (git-fixes).\n- USB: serial: ftdi_sio: add support for FreeCalypso JTAG+UART adapters (git-fixes).\n- USB: serial: option: add Cellient MPL200 card (git-fixes).\n- USB: serial: option: Add Telit FT980-KS composition (git-fixes).\n- USB: serial: pl2303: add device-id for HP GC device (git-fixes).\n- USB: serial: qcserial: fix altsetting probing (git-fixes).\n- usb: typec: tcpm: During PR_SWAP, source caps should be sent only after tSwapSourceStart (git-fixes).\n- usb: xhci-mtk: Fix typo (git-fixes).\n- usb: xhci: omit duplicate actions when suspending a runtime suspended host (git-fixes).\n- video: hyperv: hyperv_fb: Obtain screen resolution from Hyper-V host (bsc#1175306).\n- video: hyperv: hyperv_fb: Support deferred IO for Hyper-V frame buffer driver (bsc#1175306).\n- video: hyperv: hyperv_fb: Use physical memory for fb on HyperV Gen 1 VMs (bsc#1175306).\n- VMCI: check return value of get_user_pages_fast() for errors (git-fixes).\n- w1: mxc_w1: Fix timeout resolution problem leading to bus error (git-fixes).\n- watchdog: Fix memleak in watchdog_cdev_register (git-fixes).\n- watchdog: sp5100: Fix definition of EFCH_PM_DECODEEN3 (git-fixes).\n- watchdog: Use put_device on error (git-fixes).\n- wcn36xx: Fix reported 802.11n rx_highest rate wcn3660/wcn3680 (git-fixes).\n- writeback: Avoid skipping inode writeback (bsc#1177755).\n- writeback: Fix sync livelock due to b_dirty_time processing (bsc#1177755).\n- writeback: Protect inode-\u003ei_io_list with inode-\u003ei_lock (bsc#1177755).\n- X.509: Add CodeSigning extended key usage parsing (bsc#1177353).\n- x86/alternative: Do not call text_poke() in lazy TLB mode (bsc#1175749).\n- x86/fpu: Allow multiple bits in clearcpuid= parameter (bsc#1152489).\n- x86/ioapic: Unbreak check_timer() (bsc#1152489).\n- x86/kexec: Use up-to-dated screen_info copy to fill boot params (bsc#1175306).\n- x86/{mce,mm}: Unmap the entire page if the whole page is affected and poisoned (bsc#1177765).\n- x86/mm: unencrypted non-blocking DMA allocations use coherent pools (bsc#1175898, ECO-2743).\n- x86/xen: disable Firmware First mode for correctable memory errors (bsc#1176713).\n- xen/blkback: use lateeoi irq binding (XSA-332 bsc#1177411).\n- xen/events: add a new \u0027late EOI\u0027 evtchn framework (XSA-332 bsc#1177411).\n- xen/events: add a proper barrier to 2-level uevent unmasking (XSA-332 bsc#1177411).\n- xen/events: avoid removing an event channel while handling it (XSA-331 bsc#1177410).\n- xen/events: block rogue events for some time (XSA-332 bsc#1177411).\n- xen/events: defer eoi in case of excessive number of events (XSA-332 bsc#1177411).\n- xen/events: fix race in evtchn_fifo_unmask() (XSA-332 bsc#1177411).\n- xen/events: switch user event channels to lateeoi model (XSA-332 bsc#1177411).\n- xen/events: use a common cpu hotplug hook for event channels (XSA-332 bsc#1177411).\n- xen/gntdev.c: Mark pages as dirty (bsc#1065600).\n- xen/netback: use lateeoi irq binding (XSA-332 bsc#1177411).\n- xen/pciback: use lateeoi irq binding (XSA-332 bsc#1177411).\n- xen/pvcallsback: use lateeoi irq binding (XSA-332 bsc#1177411).\n- xen/scsiback: use lateeoi irq binding (XSA-332 bsc#1177411).\n- xfs: complain if anyone tries to create a too-large buffer log item (bsc#1166146).\n- xfs: do not update mtime on COW faults (bsc#1167030).\n- xfs: fix high key handling in the rt allocator\u0027s query_range function (git-fixes).\n- xfs: fix scrub flagging rtinherit even if there is no rt device (git-fixes).\n- xfs: fix xfs_bmap_validate_extent_raw when checking attr fork of rt files (git-fixes).\n- xfs: flush new eof page on truncate to avoid post-eof corruption (git-fixes).\n- xfs: force the log after remapping a synchronous-writes file (git-fixes).\n- xfs: introduce XFS_MAX_FILEOFF (bsc#1166166).\n- xfs: limit entries returned when counting fsmap records (git-fixes).\n- xfs: remove unused variable \u0027done\u0027 (bsc#1166166).\n- xfs: set xefi_discard when creating a deferred agfl free log intent item (git-fixes).\n- xfs: truncate should remove all blocks, not just to the end of the page cache (bsc#1166166).\n- xhci: do not create endpoint debugfs entry before ring buffer is set (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2020-1906",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2020_1906-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2020:1906-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/W7MTGDUP74HR4XORTRYN7I7MANTKWCGQ/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2020:1906-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/W7MTGDUP74HR4XORTRYN7I7MANTKWCGQ/"
},
{
"category": "self",
"summary": "SUSE Bug 1055014",
"url": "https://bugzilla.suse.com/1055014"
},
{
"category": "self",
"summary": "SUSE Bug 1055186",
"url": "https://bugzilla.suse.com/1055186"
},
{
"category": "self",
"summary": "SUSE Bug 1061843",
"url": "https://bugzilla.suse.com/1061843"
},
{
"category": "self",
"summary": "SUSE Bug 1065600",
"url": "https://bugzilla.suse.com/1065600"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1066382",
"url": "https://bugzilla.suse.com/1066382"
},
{
"category": "self",
"summary": "SUSE Bug 1077428",
"url": "https://bugzilla.suse.com/1077428"
},
{
"category": "self",
"summary": "SUSE Bug 1129923",
"url": "https://bugzilla.suse.com/1129923"
},
{
"category": "self",
"summary": "SUSE Bug 1134760",
"url": "https://bugzilla.suse.com/1134760"
},
{
"category": "self",
"summary": "SUSE Bug 1149032",
"url": "https://bugzilla.suse.com/1149032"
},
{
"category": "self",
"summary": "SUSE Bug 1152489",
"url": "https://bugzilla.suse.com/1152489"
},
{
"category": "self",
"summary": "SUSE Bug 1163592",
"url": "https://bugzilla.suse.com/1163592"
},
{
"category": "self",
"summary": "SUSE Bug 1164648",
"url": "https://bugzilla.suse.com/1164648"
},
{
"category": "self",
"summary": "SUSE Bug 1166146",
"url": "https://bugzilla.suse.com/1166146"
},
{
"category": "self",
"summary": "SUSE Bug 1166166",
"url": "https://bugzilla.suse.com/1166166"
},
{
"category": "self",
"summary": "SUSE Bug 1167030",
"url": "https://bugzilla.suse.com/1167030"
},
{
"category": "self",
"summary": "SUSE Bug 1170415",
"url": "https://bugzilla.suse.com/1170415"
},
{
"category": "self",
"summary": "SUSE Bug 1174748",
"url": "https://bugzilla.suse.com/1174748"
},
{
"category": "self",
"summary": "SUSE Bug 1174969",
"url": "https://bugzilla.suse.com/1174969"
},
{
"category": "self",
"summary": "SUSE Bug 1175052",
"url": "https://bugzilla.suse.com/1175052"
},
{
"category": "self",
"summary": "SUSE Bug 1175306",
"url": "https://bugzilla.suse.com/1175306"
},
{
"category": "self",
"summary": "SUSE Bug 1175721",
"url": "https://bugzilla.suse.com/1175721"
},
{
"category": "self",
"summary": "SUSE Bug 1175749",
"url": "https://bugzilla.suse.com/1175749"
},
{
"category": "self",
"summary": "SUSE Bug 1175898",
"url": "https://bugzilla.suse.com/1175898"
},
{
"category": "self",
"summary": "SUSE Bug 1176354",
"url": "https://bugzilla.suse.com/1176354"
},
{
"category": "self",
"summary": "SUSE Bug 1176485",
"url": "https://bugzilla.suse.com/1176485"
},
{
"category": "self",
"summary": "SUSE Bug 1176713",
"url": "https://bugzilla.suse.com/1176713"
},
{
"category": "self",
"summary": "SUSE Bug 1177086",
"url": "https://bugzilla.suse.com/1177086"
},
{
"category": "self",
"summary": "SUSE Bug 1177281",
"url": "https://bugzilla.suse.com/1177281"
},
{
"category": "self",
"summary": "SUSE Bug 1177353",
"url": "https://bugzilla.suse.com/1177353"
},
{
"category": "self",
"summary": "SUSE Bug 1177410",
"url": "https://bugzilla.suse.com/1177410"
},
{
"category": "self",
"summary": "SUSE Bug 1177411",
"url": "https://bugzilla.suse.com/1177411"
},
{
"category": "self",
"summary": "SUSE Bug 1177470",
"url": "https://bugzilla.suse.com/1177470"
},
{
"category": "self",
"summary": "SUSE Bug 1177739",
"url": "https://bugzilla.suse.com/1177739"
},
{
"category": "self",
"summary": "SUSE Bug 1177749",
"url": "https://bugzilla.suse.com/1177749"
},
{
"category": "self",
"summary": "SUSE Bug 1177750",
"url": "https://bugzilla.suse.com/1177750"
},
{
"category": "self",
"summary": "SUSE Bug 1177754",
"url": "https://bugzilla.suse.com/1177754"
},
{
"category": "self",
"summary": "SUSE Bug 1177755",
"url": "https://bugzilla.suse.com/1177755"
},
{
"category": "self",
"summary": "SUSE Bug 1177765",
"url": "https://bugzilla.suse.com/1177765"
},
{
"category": "self",
"summary": "SUSE Bug 1177766",
"url": "https://bugzilla.suse.com/1177766"
},
{
"category": "self",
"summary": "SUSE Bug 1177799",
"url": "https://bugzilla.suse.com/1177799"
},
{
"category": "self",
"summary": "SUSE Bug 1177801",
"url": "https://bugzilla.suse.com/1177801"
},
{
"category": "self",
"summary": "SUSE Bug 1177814",
"url": "https://bugzilla.suse.com/1177814"
},
{
"category": "self",
"summary": "SUSE Bug 1177817",
"url": "https://bugzilla.suse.com/1177817"
},
{
"category": "self",
"summary": "SUSE Bug 1177854",
"url": "https://bugzilla.suse.com/1177854"
},
{
"category": "self",
"summary": "SUSE Bug 1177855",
"url": "https://bugzilla.suse.com/1177855"
},
{
"category": "self",
"summary": "SUSE Bug 1177856",
"url": "https://bugzilla.suse.com/1177856"
},
{
"category": "self",
"summary": "SUSE Bug 1177861",
"url": "https://bugzilla.suse.com/1177861"
},
{
"category": "self",
"summary": "SUSE Bug 1178002",
"url": "https://bugzilla.suse.com/1178002"
},
{
"category": "self",
"summary": "SUSE Bug 1178079",
"url": "https://bugzilla.suse.com/1178079"
},
{
"category": "self",
"summary": "SUSE Bug 1178123",
"url": "https://bugzilla.suse.com/1178123"
},
{
"category": "self",
"summary": "SUSE Bug 1178166",
"url": "https://bugzilla.suse.com/1178166"
},
{
"category": "self",
"summary": "SUSE Bug 1178173",
"url": "https://bugzilla.suse.com/1178173"
},
{
"category": "self",
"summary": "SUSE Bug 1178175",
"url": "https://bugzilla.suse.com/1178175"
},
{
"category": "self",
"summary": "SUSE Bug 1178176",
"url": "https://bugzilla.suse.com/1178176"
},
{
"category": "self",
"summary": "SUSE Bug 1178177",
"url": "https://bugzilla.suse.com/1178177"
},
{
"category": "self",
"summary": "SUSE Bug 1178183",
"url": "https://bugzilla.suse.com/1178183"
},
{
"category": "self",
"summary": "SUSE Bug 1178184",
"url": "https://bugzilla.suse.com/1178184"
},
{
"category": "self",
"summary": "SUSE Bug 1178185",
"url": "https://bugzilla.suse.com/1178185"
},
{
"category": "self",
"summary": "SUSE Bug 1178186",
"url": "https://bugzilla.suse.com/1178186"
},
{
"category": "self",
"summary": "SUSE Bug 1178190",
"url": "https://bugzilla.suse.com/1178190"
},
{
"category": "self",
"summary": "SUSE Bug 1178191",
"url": "https://bugzilla.suse.com/1178191"
},
{
"category": "self",
"summary": "SUSE Bug 1178246",
"url": "https://bugzilla.suse.com/1178246"
},
{
"category": "self",
"summary": "SUSE Bug 1178255",
"url": "https://bugzilla.suse.com/1178255"
},
{
"category": "self",
"summary": "SUSE Bug 1178307",
"url": "https://bugzilla.suse.com/1178307"
},
{
"category": "self",
"summary": "SUSE Bug 1178330",
"url": "https://bugzilla.suse.com/1178330"
},
{
"category": "self",
"summary": "SUSE Bug 1178393",
"url": "https://bugzilla.suse.com/1178393"
},
{
"category": "self",
"summary": "SUSE Bug 1178395",
"url": "https://bugzilla.suse.com/1178395"
},
{
"category": "self",
"summary": "SUSE Bug 1178461",
"url": "https://bugzilla.suse.com/1178461"
},
{
"category": "self",
"summary": "SUSE Bug 1178579",
"url": "https://bugzilla.suse.com/1178579"
},
{
"category": "self",
"summary": "SUSE Bug 1178581",
"url": "https://bugzilla.suse.com/1178581"
},
{
"category": "self",
"summary": "SUSE Bug 1178584",
"url": "https://bugzilla.suse.com/1178584"
},
{
"category": "self",
"summary": "SUSE Bug 1178585",
"url": "https://bugzilla.suse.com/1178585"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-14351 page",
"url": "https://www.suse.com/security/cve/CVE-2020-14351/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-16120 page",
"url": "https://www.suse.com/security/cve/CVE-2020-16120/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25285 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25285/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25656 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25656/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25668 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25668/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25704 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25704/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25705 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25705/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8694 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8694/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2020-11-14T08:15:18Z",
"generator": {
"date": "2020-11-14T08:15:18Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2020:1906-1",
"initial_release_date": "2020-11-14T08:15:18Z",
"revision_history": [
{
"date": "2020-11-14T08:15:18Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-5.3.18-lp152.50.1.noarch",
"product": {
"name": "kernel-devel-5.3.18-lp152.50.1.noarch",
"product_id": "kernel-devel-5.3.18-lp152.50.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-5.3.18-lp152.50.1.noarch",
"product": {
"name": "kernel-docs-5.3.18-lp152.50.1.noarch",
"product_id": "kernel-docs-5.3.18-lp152.50.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-html-5.3.18-lp152.50.1.noarch",
"product": {
"name": "kernel-docs-html-5.3.18-lp152.50.1.noarch",
"product_id": "kernel-docs-html-5.3.18-lp152.50.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-5.3.18-lp152.50.1.noarch",
"product": {
"name": "kernel-macros-5.3.18-lp152.50.1.noarch",
"product_id": "kernel-macros-5.3.18-lp152.50.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-5.3.18-lp152.50.1.noarch",
"product": {
"name": "kernel-source-5.3.18-lp152.50.1.noarch",
"product_id": "kernel-source-5.3.18-lp152.50.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-5.3.18-lp152.50.1.noarch",
"product": {
"name": "kernel-source-vanilla-5.3.18-lp152.50.1.noarch",
"product_id": "kernel-source-vanilla-5.3.18-lp152.50.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-debug-5.3.18-lp152.50.1.x86_64",
"product": {
"name": "kernel-debug-5.3.18-lp152.50.1.x86_64",
"product_id": "kernel-debug-5.3.18-lp152.50.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-5.3.18-lp152.50.1.x86_64",
"product": {
"name": "kernel-debug-devel-5.3.18-lp152.50.1.x86_64",
"product_id": "kernel-debug-devel-5.3.18-lp152.50.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-5.3.18-lp152.50.1.x86_64",
"product": {
"name": "kernel-default-5.3.18-lp152.50.1.x86_64",
"product_id": "kernel-default-5.3.18-lp152.50.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-5.3.18-lp152.50.1.x86_64",
"product": {
"name": "kernel-default-devel-5.3.18-lp152.50.1.x86_64",
"product_id": "kernel-default-devel-5.3.18-lp152.50.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-5.3.18-lp152.50.1.x86_64",
"product": {
"name": "kernel-kvmsmall-5.3.18-lp152.50.1.x86_64",
"product_id": "kernel-kvmsmall-5.3.18-lp152.50.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-5.3.18-lp152.50.1.x86_64",
"product": {
"name": "kernel-kvmsmall-devel-5.3.18-lp152.50.1.x86_64",
"product_id": "kernel-kvmsmall-devel-5.3.18-lp152.50.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-5.3.18-lp152.50.1.x86_64",
"product": {
"name": "kernel-obs-build-5.3.18-lp152.50.1.x86_64",
"product_id": "kernel-obs-build-5.3.18-lp152.50.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-5.3.18-lp152.50.1.x86_64",
"product": {
"name": "kernel-obs-qa-5.3.18-lp152.50.1.x86_64",
"product_id": "kernel-obs-qa-5.3.18-lp152.50.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-preempt-5.3.18-lp152.50.1.x86_64",
"product": {
"name": "kernel-preempt-5.3.18-lp152.50.1.x86_64",
"product_id": "kernel-preempt-5.3.18-lp152.50.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-preempt-devel-5.3.18-lp152.50.1.x86_64",
"product": {
"name": "kernel-preempt-devel-5.3.18-lp152.50.1.x86_64",
"product_id": "kernel-preempt-devel-5.3.18-lp152.50.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-5.3.18-lp152.50.1.x86_64",
"product": {
"name": "kernel-syms-5.3.18-lp152.50.1.x86_64",
"product_id": "kernel-syms-5.3.18-lp152.50.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.2",
"product": {
"name": "openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-5.3.18-lp152.50.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.50.1.x86_64"
},
"product_reference": "kernel-debug-5.3.18-lp152.50.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-5.3.18-lp152.50.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.50.1.x86_64"
},
"product_reference": "kernel-debug-devel-5.3.18-lp152.50.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-5.3.18-lp152.50.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-default-5.3.18-lp152.50.1.x86_64"
},
"product_reference": "kernel-default-5.3.18-lp152.50.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-5.3.18-lp152.50.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.50.1.x86_64"
},
"product_reference": "kernel-default-devel-5.3.18-lp152.50.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-5.3.18-lp152.50.1.noarch as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.50.1.noarch"
},
"product_reference": "kernel-devel-5.3.18-lp152.50.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-5.3.18-lp152.50.1.noarch as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.50.1.noarch"
},
"product_reference": "kernel-docs-5.3.18-lp152.50.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-html-5.3.18-lp152.50.1.noarch as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.50.1.noarch"
},
"product_reference": "kernel-docs-html-5.3.18-lp152.50.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-5.3.18-lp152.50.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.50.1.x86_64"
},
"product_reference": "kernel-kvmsmall-5.3.18-lp152.50.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-devel-5.3.18-lp152.50.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.50.1.x86_64"
},
"product_reference": "kernel-kvmsmall-devel-5.3.18-lp152.50.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-5.3.18-lp152.50.1.noarch as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.50.1.noarch"
},
"product_reference": "kernel-macros-5.3.18-lp152.50.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-5.3.18-lp152.50.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.50.1.x86_64"
},
"product_reference": "kernel-obs-build-5.3.18-lp152.50.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-qa-5.3.18-lp152.50.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.50.1.x86_64"
},
"product_reference": "kernel-obs-qa-5.3.18-lp152.50.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-preempt-5.3.18-lp152.50.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.50.1.x86_64"
},
"product_reference": "kernel-preempt-5.3.18-lp152.50.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-preempt-devel-5.3.18-lp152.50.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.50.1.x86_64"
},
"product_reference": "kernel-preempt-devel-5.3.18-lp152.50.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-5.3.18-lp152.50.1.noarch as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-source-5.3.18-lp152.50.1.noarch"
},
"product_reference": "kernel-source-5.3.18-lp152.50.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-vanilla-5.3.18-lp152.50.1.noarch as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.50.1.noarch"
},
"product_reference": "kernel-source-vanilla-5.3.18-lp152.50.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-5.3.18-lp152.50.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.50.1.x86_64"
},
"product_reference": "kernel-syms-5.3.18-lp152.50.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-14351",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-14351"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel. A use-after-free memory flaw was found in the perf subsystem allowing a local attacker with permission to monitor perf events to corrupt memory and possibly escalate privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.50.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-14351",
"url": "https://www.suse.com/security/cve/CVE-2020-14351"
},
{
"category": "external",
"summary": "SUSE Bug 1177086 for CVE-2020-14351",
"url": "https://bugzilla.suse.com/1177086"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.50.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.50.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-14T08:15:18Z",
"details": "moderate"
}
],
"title": "CVE-2020-14351"
},
{
"cve": "CVE-2020-16120",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-16120"
}
],
"notes": [
{
"category": "general",
"text": "Overlayfs did not properly perform permission checking when copying up files in an overlayfs and could be exploited from within a user namespace, if, for example, unprivileged user namespaces were allowed. It was possible to have a file not readable by an unprivileged user to be copied to a mountpoint controlled by the user, like a removable device. This was introduced in kernel version 4.19 by commit d1d04ef (\"ovl: stack file ops\"). This was fixed in kernel version 5.8 by commits 56230d9 (\"ovl: verify permissions in ovl_path_open()\"), 48bd024 (\"ovl: switch to mounter creds in readdir\") and 05acefb (\"ovl: check permission to open real file\"). Additionally, commits 130fdbc (\"ovl: pass correct flags for opening real directory\") and 292f902 (\"ovl: call secutiry hook in ovl_real_ioctl()\") in kernel 5.8 might also be desired or necessary. These additional commits introduced a regression in overlay mounts within user namespaces which prevented access to files with ownership outside of the user namespace. This regression was mitigated by subsequent commit b6650da (\"ovl: do not fail because of O_NOATIMEi\") in kernel 5.11.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.50.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-16120",
"url": "https://www.suse.com/security/cve/CVE-2020-16120"
},
{
"category": "external",
"summary": "SUSE Bug 1177470 for CVE-2020-16120",
"url": "https://bugzilla.suse.com/1177470"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.50.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.50.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-14T08:15:18Z",
"details": "moderate"
}
],
"title": "CVE-2020-16120"
},
{
"cve": "CVE-2020-25285",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25285"
}
],
"notes": [
{
"category": "general",
"text": "A race condition between hugetlb sysctl handlers in mm/hugetlb.c in the Linux kernel before 5.8.8 could be used by local attackers to corrupt memory, cause a NULL pointer dereference, or possibly have unspecified other impact, aka CID-17743798d812.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.50.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25285",
"url": "https://www.suse.com/security/cve/CVE-2020-25285"
},
{
"category": "external",
"summary": "SUSE Bug 1176485 for CVE-2020-25285",
"url": "https://bugzilla.suse.com/1176485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.50.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.50.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-14T08:15:18Z",
"details": "moderate"
}
],
"title": "CVE-2020-25285"
},
{
"cve": "CVE-2020-25656",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25656"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel. A use-after-free was found in the way the console subsystem was using ioctls KDGKBSENT and KDSKBSENT. A local user could use this flaw to get read memory access out of bounds. The highest threat from this vulnerability is to data confidentiality.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.50.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25656",
"url": "https://www.suse.com/security/cve/CVE-2020-25656"
},
{
"category": "external",
"summary": "SUSE Bug 1177766 for CVE-2020-25656",
"url": "https://bugzilla.suse.com/1177766"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.50.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.50.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-14T08:15:18Z",
"details": "moderate"
}
],
"title": "CVE-2020-25656"
},
{
"cve": "CVE-2020-25668",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25668"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.50.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25668",
"url": "https://www.suse.com/security/cve/CVE-2020-25668"
},
{
"category": "external",
"summary": "SUSE Bug 1178123 for CVE-2020-25668",
"url": "https://bugzilla.suse.com/1178123"
},
{
"category": "external",
"summary": "SUSE Bug 1178622 for CVE-2020-25668",
"url": "https://bugzilla.suse.com/1178622"
},
{
"category": "external",
"summary": "SUSE Bug 1196914 for CVE-2020-25668",
"url": "https://bugzilla.suse.com/1196914"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.50.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.50.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-14T08:15:18Z",
"details": "important"
}
],
"title": "CVE-2020-25668"
},
{
"cve": "CVE-2020-25704",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25704"
}
],
"notes": [
{
"category": "general",
"text": "A flaw memory leak in the Linux kernel performance monitoring subsystem was found in the way if using PERF_EVENT_IOC_SET_FILTER. A local user could use this flaw to starve the resources causing denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.50.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25704",
"url": "https://www.suse.com/security/cve/CVE-2020-25704"
},
{
"category": "external",
"summary": "SUSE Bug 1178393 for CVE-2020-25704",
"url": "https://bugzilla.suse.com/1178393"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.50.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.50.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-14T08:15:18Z",
"details": "moderate"
}
],
"title": "CVE-2020-25704"
},
{
"cve": "CVE-2020-25705",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25705"
}
],
"notes": [
{
"category": "general",
"text": "A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well on the Linux Based Products (RUGGEDCOM RM1224: All versions between v5.0 and v6.4, SCALANCE M-800: All versions between v5.0 and v6.4, SCALANCE S615: All versions between v5.0 and v6.4, SCALANCE SC-600: All versions prior to v2.1.3, SCALANCE W1750D: v8.3.0.1, v8.6.0, and v8.7.0, SIMATIC Cloud Connect 7: All versions, SIMATIC MV500 Family: All versions, SIMATIC NET CP 1243-1 (incl. SIPLUS variants): Versions 3.1.39 and later, SIMATIC NET CP 1243-7 LTE EU: Version",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.50.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25705",
"url": "https://www.suse.com/security/cve/CVE-2020-25705"
},
{
"category": "external",
"summary": "SUSE Bug 1175721 for CVE-2020-25705",
"url": "https://bugzilla.suse.com/1175721"
},
{
"category": "external",
"summary": "SUSE Bug 1178782 for CVE-2020-25705",
"url": "https://bugzilla.suse.com/1178782"
},
{
"category": "external",
"summary": "SUSE Bug 1178783 for CVE-2020-25705",
"url": "https://bugzilla.suse.com/1178783"
},
{
"category": "external",
"summary": "SUSE Bug 1191790 for CVE-2020-25705",
"url": "https://bugzilla.suse.com/1191790"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.50.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.50.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-14T08:15:18Z",
"details": "important"
}
],
"title": "CVE-2020-25705"
},
{
"cve": "CVE-2020-8694",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8694"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient access control in the Linux kernel driver for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.50.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8694",
"url": "https://www.suse.com/security/cve/CVE-2020-8694"
},
{
"category": "external",
"summary": "SUSE Bug 1170415 for CVE-2020-8694",
"url": "https://bugzilla.suse.com/1170415"
},
{
"category": "external",
"summary": "SUSE Bug 1170446 for CVE-2020-8694",
"url": "https://bugzilla.suse.com/1170446"
},
{
"category": "external",
"summary": "SUSE Bug 1178591 for CVE-2020-8694",
"url": "https://bugzilla.suse.com/1178591"
},
{
"category": "external",
"summary": "SUSE Bug 1178700 for CVE-2020-8694",
"url": "https://bugzilla.suse.com/1178700"
},
{
"category": "external",
"summary": "SUSE Bug 1179661 for CVE-2020-8694",
"url": "https://bugzilla.suse.com/1179661"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.50.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.50.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.50.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.50.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-14T08:15:18Z",
"details": "moderate"
}
],
"title": "CVE-2020-8694"
}
]
}
OPENSUSE-SU-2020:2034-1
Vulnerability from csaf_opensuse - Published: 2020-11-26 13:50 - Updated: 2020-11-26 13:50Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch:
The openSUSE Leap 15.1 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2020-28915: A buffer over-read (at the framebuffer layer) in the fbcon code could be used by local attackers to read kernel memory, aka CID-6735b4632def (bnc#1178886).
- CVE-2020-25669: A use-after-free in teardown paths of sunkbd was fixed (bsc#1178182).
- CVE-2020-25705: A flaw in the way reply ICMP packets are limited in the Linux kernel functionality was found that allowed to quickly scan open UDP ports. This flaw allowed an off-path remote user to effectively bypassing source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software that relies on UDP source port randomization are indirectly affected as well. Kernel versions may be vulnerable to this issue (bnc#1175721 bnc#1178782).
- CVE-2020-25704: A a memory leak in perf_event_parse_addr_filter() was foxed (bsc#1178393, CVE-2020-25704).
The following non-security bugs were fixed:
- ACPI: NFIT: Fix comparison to '-ENXIO' (git-fixes).
- bpf: Zero-fill re-used per-cpu map element (git-fixes).
- can: af_can: prevent potential access of uninitialized member in canfd_rcv() (git-fixes).
- can: af_can: prevent potential access of uninitialized member in can_rcv() (git-fixes).
- can: dev: can_restart(): post buffer from the right context (git-fixes).
- can: m_can: m_can_handle_state_change(): fix state change (git-fixes).
- can: m_can: m_can_stop(): set device to software init mode before closing (git-fixes).
- can: mcba_usb: mcba_usb_start_xmit(): first fill skb, then pass to can_put_echo_skb() (git-fixes).
- can: peak_usb: fix potential integer overflow on shift of a int (git-fixes).
- docs: ABI: sysfs-c2port: remove a duplicated entry (git-fixes).
- drbd: code cleanup by using sendpage_ok() to check page for kernel_sendpage() (bsc#1172873).
- drm/i915: Break up error capture compression loops with cond_resched() (git-fixes).
- drm/vc4: drv: Add error handding for bind (git-fixes).
- Drop sysctl files for dropped archs, add ppc64le and arm64 (bsc#1178838). Also fix the ppc64 page size.
- fs/proc/array.c: allow reporting eip/esp for all coredumping threads (bsc#1050549).
- ftrace: Fix recursion check for NMI test (git-fixes).
- ftrace: Handle tracing when switching between context (git-fixes).
- futex: Do not enable IRQs unconditionally in put_pi_state() (bsc#1067665).
- futex: Handle transient 'ownerless' rtmutex state correctly (bsc#1067665).
- hv_netvsc: Add XDP support (bsc#1177819, bsc#1177820).
- hv_netvsc: deal with bpf API differences in 4.12 (bsc#1177819, bsc#1177820).
- hv_netvsc: Fix XDP refcnt for synthetic and VF NICs (bsc#1177819, bsc#1177820).
- hv_netvsc: make recording RSS hash depend on feature flag (bsc#1178853, bsc#1178854).
- hv_netvsc: record hardware hash in skb (bsc#1178853, bsc#1178854).
- hyperv_fb: Update screen_info after removing old framebuffer (bsc#1175306).
- inet_diag: Fix error path to cancel the meseage in inet_req_diag_fill() (git-fixes).
- Input: adxl34x - clean up a data type in adxl34x_probe() (git-fixes).
- kthread_worker: prevent queuing delayed work from timer_fn when it is being canceled (git-fixes).
- libceph: use sendpage_ok() in ceph_tcp_sendpage() (bsc#1172873).
- locking/lockdep: Add debug_locks check in __lock_downgrade() (bsc#1050549).
- locking/percpu-rwsem: Use this_cpu_{inc,dec}() for read_count (bsc#1050549).
- locktorture: Print ratio of acquisitions, not failures (bsc#1050549).
- mac80211: minstrel: fix tx status processing corner case (git-fixes).
- mac80211: minstrel: remove deferred sampling code (git-fixes).
- memcg: fix NULL pointer dereference in __mem_cgroup_usage_unregister_event (bsc#1177703).
- mmc: sdhci-of-esdhc: Handle pulse width detection erratum for more SoCs (git-fixes).
- mm/memcg: fix refcount error while moving and swapping (bsc#1178686).
- net: add WARN_ONCE in kernel_sendpage() for improper zero-copy send (bsc#1172873).
- net: ena: Capitalize all log strings and improve code readability (bsc#1177397).
- net: ena: Change license into format to SPDX in all files (bsc#1177397).
- net: ena: Change log message to netif/dev function (bsc#1177397).
- net: ena: Change RSS related macros and variables names (bsc#1177397).
- net: ena: ethtool: Add new device statistics (bsc#1177397).
- net: ena: ethtool: add stats printing to XDP queues (bsc#1177397).
- net: ena: ethtool: convert stat_offset to 64 bit resolution (bsc#1177397).
- net: ena: Fix all static chekers' warnings (bsc#1177397).
- net: ena: Remove redundant print of placement policy (bsc#1177397).
- net: ena: xdp: add queue counters for xdp actions (bsc#1177397).
- netfilter: nat: can't use dst_hold on noref dst (bsc#1178878).
- net: introduce helper sendpage_ok() in include/linux/net.h (bsc#1172873). kABI workaround for including mm.h in include/linux/net.h (bsc#1172873).
- net/mlx4_core: Fix init_hca fields offset (git-fixes).
- net: usb: qmi_wwan: add Telit LE910Cx 0x1230 composition (git-fixes).
- NFSv4.1: fix handling of backchannel binding in BIND_CONN_TO_SESSION (bsc#1170630).
- nvme-tcp: check page by sendpage_ok() before calling kernel_sendpage() (bsc#1172873).
- pinctrl: intel: Set default bias in case no particular value given (git-fixes).
- powerpc/pseries/cpuidle: add polling idle for shared processor guests (bsc#1178765 ltc#188968).
- powerpc/vnic: Extend 'failover pending' window (bsc#1176855 ltc#187293).
- powerpc/vnic: Extend 'failover pending' window (bsc#1176855 ltc#187293).
- regulator: avoid resolve_supply() infinite recursion (git-fixes).
- regulator: fix memory leak with repeated set_machine_constraints() (git-fixes).
- regulator: ti-abb: Fix array out of bound read access on the first transition (git-fixes).
- regulator: workaround self-referent regulators (git-fixes).
- Revert 'cdc-acm: hardening against malicious devices' (git-fixes).
- ring-buffer: Fix recursion protection transitions between interrupt context (git-fixes).
- scsi: libiscsi: use sendpage_ok() in iscsi_tcp_segment_map() (bsc#1172873).
- scsi: lpfc: Fix initial FLOGI failure due to BBSCN not supported (git-fixes).
- thunderbolt: Add the missed ida_simple_remove() in ring_request_msix() (git-fixes).
- time: Prevent undefined behaviour in timespec64_to_ns() (git-fixes).
- USB: Add NO_LPM quirk for Kingston flash drive (git-fixes).
- usb: core: driver: fix stray tabs in error messages (git-fixes).
- usb: host: ehci-tegra: Fix error handling in tegra_ehci_probe() (git-fixes).
- USB: serial: cyberjack: fix write-URB completion race (git-fixes).
- USB: serial: ftdi_sio: add support for FreeCalypso JTAG+UART adapters (git-fixes).
- USB: serial: option: add Cellient MPL200 card (git-fixes).
- USB: serial: option: add LE910Cx compositions 0x1203, 0x1230, 0x1231 (git-fixes).
- USB: serial: option: add Quectel EC200T module support (git-fixes).
- USB: serial: option: add Telit FN980 composition 0x1055 (git-fixes).
- USB: serial: option: Add Telit FT980-KS composition (git-fixes).
- USB: serial: pl2303: add device-id for HP GC device (git-fixes).
- video: hyperv: hyperv_fb: Obtain screen resolution from Hyper-V host (bsc#1175306).
- video: hyperv: hyperv_fb: Support deferred IO for Hyper-V frame buffer driver (bsc#1175306).
- video: hyperv: hyperv_fb: Use physical memory for fb on HyperV Gen 1 VMs (bsc#1175306).
- vt: Disable KD_FONT_OP_COPY (bsc#1178589).
- x86/kexec: Use up-to-dated screen_info copy to fill boot params (bsc#1175306).
- xfs: fix a missing unlock on error in xfs_fs_map_blocks (git-fixes).
- xfs: fix flags argument to rmap lookup when converting shared file rmaps (git-fixes).
- xfs: fix rmap key and record comparison functions (git-fixes).
Patchnames: openSUSE-2020-2034
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
4.3 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.83.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.83.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.83.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.83.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.83.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.83.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.83.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.83.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.83.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.83.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.83.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.83.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.4 (High)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.83.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.83.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.83.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.83.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.83.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.83.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.1 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.83.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.83.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.83.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.83.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.83.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.83.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.83.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
43 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\n\nThe openSUSE Leap 15.1 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2020-28915: A buffer over-read (at the framebuffer layer) in the fbcon code could be used by local attackers to read kernel memory, aka CID-6735b4632def (bnc#1178886).\n- CVE-2020-25669: A use-after-free in teardown paths of sunkbd was fixed (bsc#1178182).\n- CVE-2020-25705: A flaw in the way reply ICMP packets are limited in the Linux kernel functionality was found that allowed to quickly scan open UDP ports. This flaw allowed an off-path remote user to effectively bypassing source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software that relies on UDP source port randomization are indirectly affected as well. Kernel versions may be vulnerable to this issue (bnc#1175721 bnc#1178782).\n- CVE-2020-25704: A a memory leak in perf_event_parse_addr_filter() was foxed (bsc#1178393, CVE-2020-25704).\n\nThe following non-security bugs were fixed:\n\n- ACPI: NFIT: Fix comparison to \u0027-ENXIO\u0027 (git-fixes).\n- bpf: Zero-fill re-used per-cpu map element (git-fixes).\n- can: af_can: prevent potential access of uninitialized member in canfd_rcv() (git-fixes).\n- can: af_can: prevent potential access of uninitialized member in can_rcv() (git-fixes).\n- can: dev: can_restart(): post buffer from the right context (git-fixes).\n- can: m_can: m_can_handle_state_change(): fix state change (git-fixes).\n- can: m_can: m_can_stop(): set device to software init mode before closing (git-fixes).\n- can: mcba_usb: mcba_usb_start_xmit(): first fill skb, then pass to can_put_echo_skb() (git-fixes).\n- can: peak_usb: fix potential integer overflow on shift of a int (git-fixes).\n- docs: ABI: sysfs-c2port: remove a duplicated entry (git-fixes).\n- drbd: code cleanup by using sendpage_ok() to check page for kernel_sendpage() (bsc#1172873).\n- drm/i915: Break up error capture compression loops with cond_resched() (git-fixes).\n- drm/vc4: drv: Add error handding for bind (git-fixes).\n- Drop sysctl files for dropped archs, add ppc64le and arm64 (bsc#1178838). Also fix the ppc64 page size.\n- fs/proc/array.c: allow reporting eip/esp for all coredumping threads (bsc#1050549).\n- ftrace: Fix recursion check for NMI test (git-fixes).\n- ftrace: Handle tracing when switching between context (git-fixes).\n- futex: Do not enable IRQs unconditionally in put_pi_state() (bsc#1067665).\n- futex: Handle transient \u0027ownerless\u0027 rtmutex state correctly (bsc#1067665).\n- hv_netvsc: Add XDP support (bsc#1177819, bsc#1177820).\n- hv_netvsc: deal with bpf API differences in 4.12 (bsc#1177819, bsc#1177820).\n- hv_netvsc: Fix XDP refcnt for synthetic and VF NICs (bsc#1177819, bsc#1177820).\n- hv_netvsc: make recording RSS hash depend on feature flag (bsc#1178853, bsc#1178854).\n- hv_netvsc: record hardware hash in skb (bsc#1178853, bsc#1178854).\n- hyperv_fb: Update screen_info after removing old framebuffer (bsc#1175306).\n- inet_diag: Fix error path to cancel the meseage in inet_req_diag_fill() (git-fixes).\n- Input: adxl34x - clean up a data type in adxl34x_probe() (git-fixes).\n- kthread_worker: prevent queuing delayed work from timer_fn when it is being canceled (git-fixes).\n- libceph: use sendpage_ok() in ceph_tcp_sendpage() (bsc#1172873).\n- locking/lockdep: Add debug_locks check in __lock_downgrade() (bsc#1050549).\n- locking/percpu-rwsem: Use this_cpu_{inc,dec}() for read_count (bsc#1050549).\n- locktorture: Print ratio of acquisitions, not failures (bsc#1050549).\n- mac80211: minstrel: fix tx status processing corner case (git-fixes).\n- mac80211: minstrel: remove deferred sampling code (git-fixes).\n- memcg: fix NULL pointer dereference in __mem_cgroup_usage_unregister_event (bsc#1177703).\n- mmc: sdhci-of-esdhc: Handle pulse width detection erratum for more SoCs (git-fixes).\n- mm/memcg: fix refcount error while moving and swapping (bsc#1178686).\n- net: add WARN_ONCE in kernel_sendpage() for improper zero-copy send (bsc#1172873).\n- net: ena: Capitalize all log strings and improve code readability (bsc#1177397).\n- net: ena: Change license into format to SPDX in all files (bsc#1177397).\n- net: ena: Change log message to netif/dev function (bsc#1177397).\n- net: ena: Change RSS related macros and variables names (bsc#1177397).\n- net: ena: ethtool: Add new device statistics (bsc#1177397).\n- net: ena: ethtool: add stats printing to XDP queues (bsc#1177397).\n- net: ena: ethtool: convert stat_offset to 64 bit resolution (bsc#1177397).\n- net: ena: Fix all static chekers\u0027 warnings (bsc#1177397).\n- net: ena: Remove redundant print of placement policy (bsc#1177397).\n- net: ena: xdp: add queue counters for xdp actions (bsc#1177397).\n- netfilter: nat: can\u0027t use dst_hold on noref dst (bsc#1178878).\n- net: introduce helper sendpage_ok() in include/linux/net.h (bsc#1172873). kABI workaround for including mm.h in include/linux/net.h (bsc#1172873).\n- net/mlx4_core: Fix init_hca fields offset (git-fixes).\n- net: usb: qmi_wwan: add Telit LE910Cx 0x1230 composition (git-fixes).\n- NFSv4.1: fix handling of backchannel binding in BIND_CONN_TO_SESSION (bsc#1170630).\n- nvme-tcp: check page by sendpage_ok() before calling kernel_sendpage() (bsc#1172873).\n- pinctrl: intel: Set default bias in case no particular value given (git-fixes).\n- powerpc/pseries/cpuidle: add polling idle for shared processor guests (bsc#1178765 ltc#188968).\n- powerpc/vnic: Extend \u0027failover pending\u0027 window (bsc#1176855 ltc#187293).\n- powerpc/vnic: Extend \u0027failover pending\u0027 window (bsc#1176855 ltc#187293).\n- regulator: avoid resolve_supply() infinite recursion (git-fixes).\n- regulator: fix memory leak with repeated set_machine_constraints() (git-fixes).\n- regulator: ti-abb: Fix array out of bound read access on the first transition (git-fixes).\n- regulator: workaround self-referent regulators (git-fixes).\n- Revert \u0027cdc-acm: hardening against malicious devices\u0027 (git-fixes).\n- ring-buffer: Fix recursion protection transitions between interrupt context (git-fixes).\n- scsi: libiscsi: use sendpage_ok() in iscsi_tcp_segment_map() (bsc#1172873).\n- scsi: lpfc: Fix initial FLOGI failure due to BBSCN not supported (git-fixes).\n- thunderbolt: Add the missed ida_simple_remove() in ring_request_msix() (git-fixes).\n- time: Prevent undefined behaviour in timespec64_to_ns() (git-fixes).\n- USB: Add NO_LPM quirk for Kingston flash drive (git-fixes).\n- usb: core: driver: fix stray tabs in error messages (git-fixes).\n- usb: host: ehci-tegra: Fix error handling in tegra_ehci_probe() (git-fixes).\n- USB: serial: cyberjack: fix write-URB completion race (git-fixes).\n- USB: serial: ftdi_sio: add support for FreeCalypso JTAG+UART adapters (git-fixes).\n- USB: serial: option: add Cellient MPL200 card (git-fixes).\n- USB: serial: option: add LE910Cx compositions 0x1203, 0x1230, 0x1231 (git-fixes).\n- USB: serial: option: add Quectel EC200T module support (git-fixes).\n- USB: serial: option: add Telit FN980 composition 0x1055 (git-fixes).\n- USB: serial: option: Add Telit FT980-KS composition (git-fixes).\n- USB: serial: pl2303: add device-id for HP GC device (git-fixes).\n- video: hyperv: hyperv_fb: Obtain screen resolution from Hyper-V host (bsc#1175306).\n- video: hyperv: hyperv_fb: Support deferred IO for Hyper-V frame buffer driver (bsc#1175306).\n- video: hyperv: hyperv_fb: Use physical memory for fb on HyperV Gen 1 VMs (bsc#1175306).\n- vt: Disable KD_FONT_OP_COPY (bsc#1178589).\n- x86/kexec: Use up-to-dated screen_info copy to fill boot params (bsc#1175306).\n- xfs: fix a missing unlock on error in xfs_fs_map_blocks (git-fixes).\n- xfs: fix flags argument to rmap lookup when converting shared file rmaps (git-fixes).\n- xfs: fix rmap key and record comparison functions (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2020-2034",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2020_2034-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2020:2034-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/7GIP2AYRG3VCHD6CCU4URBF5KVBKIT63/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2020:2034-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/7GIP2AYRG3VCHD6CCU4URBF5KVBKIT63/"
},
{
"category": "self",
"summary": "SUSE Bug 1050549",
"url": "https://bugzilla.suse.com/1050549"
},
{
"category": "self",
"summary": "SUSE Bug 1067665",
"url": "https://bugzilla.suse.com/1067665"
},
{
"category": "self",
"summary": "SUSE Bug 1170630",
"url": "https://bugzilla.suse.com/1170630"
},
{
"category": "self",
"summary": "SUSE Bug 1172873",
"url": "https://bugzilla.suse.com/1172873"
},
{
"category": "self",
"summary": "SUSE Bug 1175306",
"url": "https://bugzilla.suse.com/1175306"
},
{
"category": "self",
"summary": "SUSE Bug 1175721",
"url": "https://bugzilla.suse.com/1175721"
},
{
"category": "self",
"summary": "SUSE Bug 1176855",
"url": "https://bugzilla.suse.com/1176855"
},
{
"category": "self",
"summary": "SUSE Bug 1176983",
"url": "https://bugzilla.suse.com/1176983"
},
{
"category": "self",
"summary": "SUSE Bug 1177397",
"url": "https://bugzilla.suse.com/1177397"
},
{
"category": "self",
"summary": "SUSE Bug 1177703",
"url": "https://bugzilla.suse.com/1177703"
},
{
"category": "self",
"summary": "SUSE Bug 1177819",
"url": "https://bugzilla.suse.com/1177819"
},
{
"category": "self",
"summary": "SUSE Bug 1177820",
"url": "https://bugzilla.suse.com/1177820"
},
{
"category": "self",
"summary": "SUSE Bug 1178182",
"url": "https://bugzilla.suse.com/1178182"
},
{
"category": "self",
"summary": "SUSE Bug 1178393",
"url": "https://bugzilla.suse.com/1178393"
},
{
"category": "self",
"summary": "SUSE Bug 1178589",
"url": "https://bugzilla.suse.com/1178589"
},
{
"category": "self",
"summary": "SUSE Bug 1178686",
"url": "https://bugzilla.suse.com/1178686"
},
{
"category": "self",
"summary": "SUSE Bug 1178765",
"url": "https://bugzilla.suse.com/1178765"
},
{
"category": "self",
"summary": "SUSE Bug 1178782",
"url": "https://bugzilla.suse.com/1178782"
},
{
"category": "self",
"summary": "SUSE Bug 1178838",
"url": "https://bugzilla.suse.com/1178838"
},
{
"category": "self",
"summary": "SUSE Bug 1178853",
"url": "https://bugzilla.suse.com/1178853"
},
{
"category": "self",
"summary": "SUSE Bug 1178854",
"url": "https://bugzilla.suse.com/1178854"
},
{
"category": "self",
"summary": "SUSE Bug 1178878",
"url": "https://bugzilla.suse.com/1178878"
},
{
"category": "self",
"summary": "SUSE Bug 1178886",
"url": "https://bugzilla.suse.com/1178886"
},
{
"category": "self",
"summary": "SUSE Bug 927455",
"url": "https://bugzilla.suse.com/927455"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25669 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25669/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25704 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25704/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25705 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25705/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-28915 page",
"url": "https://www.suse.com/security/cve/CVE-2020-28915/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2020-11-26T13:50:49Z",
"generator": {
"date": "2020-11-26T13:50:49Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2020:2034-1",
"initial_release_date": "2020-11-26T13:50:49Z",
"revision_history": [
{
"date": "2020-11-26T13:50:49Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-4.12.14-lp151.28.83.1.noarch",
"product": {
"name": "kernel-devel-4.12.14-lp151.28.83.1.noarch",
"product_id": "kernel-devel-4.12.14-lp151.28.83.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-4.12.14-lp151.28.83.1.noarch",
"product": {
"name": "kernel-docs-4.12.14-lp151.28.83.1.noarch",
"product_id": "kernel-docs-4.12.14-lp151.28.83.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-html-4.12.14-lp151.28.83.1.noarch",
"product": {
"name": "kernel-docs-html-4.12.14-lp151.28.83.1.noarch",
"product_id": "kernel-docs-html-4.12.14-lp151.28.83.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-4.12.14-lp151.28.83.1.noarch",
"product": {
"name": "kernel-macros-4.12.14-lp151.28.83.1.noarch",
"product_id": "kernel-macros-4.12.14-lp151.28.83.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-4.12.14-lp151.28.83.1.noarch",
"product": {
"name": "kernel-source-4.12.14-lp151.28.83.1.noarch",
"product_id": "kernel-source-4.12.14-lp151.28.83.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-4.12.14-lp151.28.83.1.noarch",
"product": {
"name": "kernel-source-vanilla-4.12.14-lp151.28.83.1.noarch",
"product_id": "kernel-source-vanilla-4.12.14-lp151.28.83.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-debug-4.12.14-lp151.28.83.1.x86_64",
"product": {
"name": "kernel-debug-4.12.14-lp151.28.83.1.x86_64",
"product_id": "kernel-debug-4.12.14-lp151.28.83.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-4.12.14-lp151.28.83.1.x86_64",
"product": {
"name": "kernel-debug-base-4.12.14-lp151.28.83.1.x86_64",
"product_id": "kernel-debug-base-4.12.14-lp151.28.83.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-4.12.14-lp151.28.83.1.x86_64",
"product": {
"name": "kernel-debug-devel-4.12.14-lp151.28.83.1.x86_64",
"product_id": "kernel-debug-devel-4.12.14-lp151.28.83.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-lp151.28.83.1.x86_64",
"product": {
"name": "kernel-default-4.12.14-lp151.28.83.1.x86_64",
"product_id": "kernel-default-4.12.14-lp151.28.83.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-lp151.28.83.1.x86_64",
"product": {
"name": "kernel-default-base-4.12.14-lp151.28.83.1.x86_64",
"product_id": "kernel-default-base-4.12.14-lp151.28.83.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-lp151.28.83.1.x86_64",
"product": {
"name": "kernel-default-devel-4.12.14-lp151.28.83.1.x86_64",
"product_id": "kernel-default-devel-4.12.14-lp151.28.83.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-4.12.14-lp151.28.83.1.x86_64",
"product": {
"name": "kernel-kvmsmall-4.12.14-lp151.28.83.1.x86_64",
"product_id": "kernel-kvmsmall-4.12.14-lp151.28.83.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-base-4.12.14-lp151.28.83.1.x86_64",
"product": {
"name": "kernel-kvmsmall-base-4.12.14-lp151.28.83.1.x86_64",
"product_id": "kernel-kvmsmall-base-4.12.14-lp151.28.83.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-4.12.14-lp151.28.83.1.x86_64",
"product": {
"name": "kernel-kvmsmall-devel-4.12.14-lp151.28.83.1.x86_64",
"product_id": "kernel-kvmsmall-devel-4.12.14-lp151.28.83.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-lp151.28.83.1.x86_64",
"product": {
"name": "kernel-obs-build-4.12.14-lp151.28.83.1.x86_64",
"product_id": "kernel-obs-build-4.12.14-lp151.28.83.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-lp151.28.83.1.x86_64",
"product": {
"name": "kernel-obs-qa-4.12.14-lp151.28.83.1.x86_64",
"product_id": "kernel-obs-qa-4.12.14-lp151.28.83.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-lp151.28.83.1.x86_64",
"product": {
"name": "kernel-syms-4.12.14-lp151.28.83.1.x86_64",
"product_id": "kernel-syms-4.12.14-lp151.28.83.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-lp151.28.83.1.x86_64",
"product": {
"name": "kernel-vanilla-4.12.14-lp151.28.83.1.x86_64",
"product_id": "kernel-vanilla-4.12.14-lp151.28.83.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-lp151.28.83.1.x86_64",
"product": {
"name": "kernel-vanilla-base-4.12.14-lp151.28.83.1.x86_64",
"product_id": "kernel-vanilla-base-4.12.14-lp151.28.83.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-lp151.28.83.1.x86_64",
"product": {
"name": "kernel-vanilla-devel-4.12.14-lp151.28.83.1.x86_64",
"product_id": "kernel-vanilla-devel-4.12.14-lp151.28.83.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.1",
"product": {
"name": "openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-4.12.14-lp151.28.83.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.83.1.x86_64"
},
"product_reference": "kernel-debug-4.12.14-lp151.28.83.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-base-4.12.14-lp151.28.83.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.83.1.x86_64"
},
"product_reference": "kernel-debug-base-4.12.14-lp151.28.83.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-4.12.14-lp151.28.83.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.83.1.x86_64"
},
"product_reference": "kernel-debug-devel-4.12.14-lp151.28.83.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-lp151.28.83.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.83.1.x86_64"
},
"product_reference": "kernel-default-4.12.14-lp151.28.83.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-lp151.28.83.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.83.1.x86_64"
},
"product_reference": "kernel-default-base-4.12.14-lp151.28.83.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-lp151.28.83.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.83.1.x86_64"
},
"product_reference": "kernel-default-devel-4.12.14-lp151.28.83.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.12.14-lp151.28.83.1.noarch as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.83.1.noarch"
},
"product_reference": "kernel-devel-4.12.14-lp151.28.83.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-4.12.14-lp151.28.83.1.noarch as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.83.1.noarch"
},
"product_reference": "kernel-docs-4.12.14-lp151.28.83.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-html-4.12.14-lp151.28.83.1.noarch as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.83.1.noarch"
},
"product_reference": "kernel-docs-html-4.12.14-lp151.28.83.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-4.12.14-lp151.28.83.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.83.1.x86_64"
},
"product_reference": "kernel-kvmsmall-4.12.14-lp151.28.83.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-base-4.12.14-lp151.28.83.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.83.1.x86_64"
},
"product_reference": "kernel-kvmsmall-base-4.12.14-lp151.28.83.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-devel-4.12.14-lp151.28.83.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.83.1.x86_64"
},
"product_reference": "kernel-kvmsmall-devel-4.12.14-lp151.28.83.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.12.14-lp151.28.83.1.noarch as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.83.1.noarch"
},
"product_reference": "kernel-macros-4.12.14-lp151.28.83.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.12.14-lp151.28.83.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.83.1.x86_64"
},
"product_reference": "kernel-obs-build-4.12.14-lp151.28.83.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-qa-4.12.14-lp151.28.83.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.83.1.x86_64"
},
"product_reference": "kernel-obs-qa-4.12.14-lp151.28.83.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.12.14-lp151.28.83.1.noarch as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.83.1.noarch"
},
"product_reference": "kernel-source-4.12.14-lp151.28.83.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-vanilla-4.12.14-lp151.28.83.1.noarch as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.83.1.noarch"
},
"product_reference": "kernel-source-vanilla-4.12.14-lp151.28.83.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-lp151.28.83.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.83.1.x86_64"
},
"product_reference": "kernel-syms-4.12.14-lp151.28.83.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-vanilla-4.12.14-lp151.28.83.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.83.1.x86_64"
},
"product_reference": "kernel-vanilla-4.12.14-lp151.28.83.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-vanilla-base-4.12.14-lp151.28.83.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.83.1.x86_64"
},
"product_reference": "kernel-vanilla-base-4.12.14-lp151.28.83.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-vanilla-devel-4.12.14-lp151.28.83.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.83.1.x86_64"
},
"product_reference": "kernel-vanilla-devel-4.12.14-lp151.28.83.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-25669",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25669"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in the Linux Kernel where the function sunkbd_reinit having been scheduled by sunkbd_interrupt before sunkbd being freed. Though the dangling pointer is set to NULL in sunkbd_disconnect, there is still an alias in sunkbd_reinit causing Use After Free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.83.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25669",
"url": "https://www.suse.com/security/cve/CVE-2020-25669"
},
{
"category": "external",
"summary": "SUSE Bug 1178182 for CVE-2020-25669",
"url": "https://bugzilla.suse.com/1178182"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.83.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.83.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-26T13:50:49Z",
"details": "moderate"
}
],
"title": "CVE-2020-25669"
},
{
"cve": "CVE-2020-25704",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25704"
}
],
"notes": [
{
"category": "general",
"text": "A flaw memory leak in the Linux kernel performance monitoring subsystem was found in the way if using PERF_EVENT_IOC_SET_FILTER. A local user could use this flaw to starve the resources causing denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.83.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25704",
"url": "https://www.suse.com/security/cve/CVE-2020-25704"
},
{
"category": "external",
"summary": "SUSE Bug 1178393 for CVE-2020-25704",
"url": "https://bugzilla.suse.com/1178393"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.83.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.83.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-26T13:50:49Z",
"details": "moderate"
}
],
"title": "CVE-2020-25704"
},
{
"cve": "CVE-2020-25705",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25705"
}
],
"notes": [
{
"category": "general",
"text": "A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well on the Linux Based Products (RUGGEDCOM RM1224: All versions between v5.0 and v6.4, SCALANCE M-800: All versions between v5.0 and v6.4, SCALANCE S615: All versions between v5.0 and v6.4, SCALANCE SC-600: All versions prior to v2.1.3, SCALANCE W1750D: v8.3.0.1, v8.6.0, and v8.7.0, SIMATIC Cloud Connect 7: All versions, SIMATIC MV500 Family: All versions, SIMATIC NET CP 1243-1 (incl. SIPLUS variants): Versions 3.1.39 and later, SIMATIC NET CP 1243-7 LTE EU: Version",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.83.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25705",
"url": "https://www.suse.com/security/cve/CVE-2020-25705"
},
{
"category": "external",
"summary": "SUSE Bug 1175721 for CVE-2020-25705",
"url": "https://bugzilla.suse.com/1175721"
},
{
"category": "external",
"summary": "SUSE Bug 1178782 for CVE-2020-25705",
"url": "https://bugzilla.suse.com/1178782"
},
{
"category": "external",
"summary": "SUSE Bug 1178783 for CVE-2020-25705",
"url": "https://bugzilla.suse.com/1178783"
},
{
"category": "external",
"summary": "SUSE Bug 1191790 for CVE-2020-25705",
"url": "https://bugzilla.suse.com/1191790"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.83.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.83.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-26T13:50:49Z",
"details": "important"
}
],
"title": "CVE-2020-25705"
},
{
"cve": "CVE-2020-28915",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-28915"
}
],
"notes": [
{
"category": "general",
"text": "A buffer over-read (at the framebuffer layer) in the fbcon code in the Linux kernel before 5.8.15 could be used by local attackers to read kernel memory, aka CID-6735b4632def.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.83.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-28915",
"url": "https://www.suse.com/security/cve/CVE-2020-28915"
},
{
"category": "external",
"summary": "SUSE Bug 1178886 for CVE-2020-28915",
"url": "https://bugzilla.suse.com/1178886"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.83.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.83.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.83.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.83.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-26T13:50:49Z",
"details": "moderate"
}
],
"title": "CVE-2020-28915"
}
]
}
OPENSUSE-SU-2020:2112-1
Vulnerability from csaf_opensuse - Published: 2020-11-29 15:25 - Updated: 2020-11-29 15:25Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch:
The openSUSE Leap 15.2 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2020-12351: Fixed a type confusion while processing AMP packets aka 'BleedingTooth' aka 'BadKarma' (bsc#1177724).
- CVE-2020-24490: Fixed a heap buffer overflow when processing extended advertising report events aka 'BleedingTooth' aka 'BadVibes' (bsc#1177726).
- CVE-2020-12352: Fixed an information leak when processing certain AMP packets aka 'BleedingTooth' aka 'BadChoice' (bsc#1177725).
- CVE-2020-25212: A TOCTOU mismatch in the NFS client code in the Linux kernel could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c, aka CID-b4487b935452 (bnc#1176381).
- CVE-2020-25645: Traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by the GENEVE tunnel allowing anyone between the two endpoints to read the traffic unencrypted. The main threat from this vulnerability is to data confidentiality (bnc#1177511).
- CVE-2020-25643: Memory corruption and a read overflow is caused by improper input validation in the ppp_cp_parse_cr function which can cause the system to crash or cause a denial of service. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability (bnc#1177206).
- CVE-2020-25641: A zero-length biovec request issued by the block subsystem could cause the kernel to enter an infinite loop, causing a denial of service. This flaw allowed a local attacker with basic privileges to issue requests to a block device, resulting in a denial of service. The highest threat from this vulnerability is to system availability (bnc#1177121).
- CVE-2020-25704: Fixed a memory leak in perf_event_parse_addr_filter() (bsc#1178393).
- CVE-2020-25668: Make FONTX ioctl use the tty pointer they were actually passed (bsc#1178123).
- CVE-2020-25656: Extend func_buf_lock to readers (bnc#1177766).
- CVE-2020-25285: Fixed a race condition between hugetlb sysctl handlers in mm/hugetlb.c in the Linux kernel could be used by local attackers to corrupt memory, cause a NULL pointer dereference, or possibly have unspecified other impact, aka CID-17743798d812 (bnc#1176485).
- CVE-2020-14351: Fixed race in the perf_mmap_close() function (bsc#1177086).
- CVE-2020-8694: Restrict energy meter to root access (bsc#1170415).
- CVE-2020-16120: Check permission to open real file in overlayfs (bsc#1177470).
- CVE-2020-25705: A ICMP global rate limiting side-channel was removed which could lead to e.g. the SADDNS attack (bsc#1175721)
The following non-security bugs were fixed:
- 9p: Fix memory leak in v9fs_mount (git-fixes).
- ACPI: Always build evged in (git-fixes).
- ACPI: button: fix handling lid state changes when input device closed (git-fixes).
- ACPI: configfs: Add missing config_item_put() to fix refcount leak (git-fixes).
- acpi-cpufreq: Honor _PSD table setting on new AMD CPUs (git-fixes).
- ACPI: debug: do not allow debugging when ACPI is disabled (git-fixes).
- ACPI: EC: Reference count query handlers under lock (git-fixes).
- ACPI / extlog: Check for RDMSR failure (git-fixes).
- ACPI: video: use ACPI backlight for HP 635 Notebook (git-fixes).
- act_ife: load meta modules before tcf_idr_check_alloc() (networking-stable-20_09_24).
- Add CONFIG_CHECK_CODESIGN_EKU
- airo: Fix read overflows sending packets (git-fixes).
- ALSA: ac97: (cosmetic) align argument names (git-fixes).
- ALSA: aoa: i2sbus: use DECLARE_COMPLETION_ONSTACK() macro (git-fixes).
- ALSA: asihpi: fix spellint typo in comments (git-fixes).
- ALSA: atmel: ac97: clarify operator precedence (git-fixes).
- ALSA: bebob: potential info leak in hwdep_read() (git-fixes).
- ALSA: compress_offload: remove redundant initialization (git-fixes).
- ALSA: core: init: use DECLARE_COMPLETION_ONSTACK() macro (git-fixes).
- ALSA: core: pcm: simplify locking for timers (git-fixes).
- ALSA: core: timer: clarify operator precedence (git-fixes).
- ALSA: core: timer: remove redundant assignment (git-fixes).
- ALSA: ctl: Workaround for lockdep warning wrt card->ctl_files_rwlock (git-fixes).
- ALSA: fireworks: use semicolons rather than commas to separate statements (git-fixes).
- ALSA: fix kernel-doc markups (git-fixes).
- ALSA: hda: auto_parser: remove shadowed variable declaration (git-fixes).
- ALSA: hda: (cosmetic) align function parameters (git-fixes).
- ALSA: hda - Do not register a cb func if it is registered already (git-fixes).
- ALSA: hda - Fix the return value if cb func is already registered (git-fixes).
- ALSA: hda/hdmi: fix incorrect locking in hdmi_pcm_close (git-fixes).
- ALSA: hda: prevent undefined shift in snd_hdac_ext_bus_get_link() (git-fixes).
- ALSA: hda/realtek - Add mute Led support for HP Elitebook 845 G7 (git-fixes).
- ALSA: hda/realtek: Enable audio jacks of ASUS D700SA with ALC887 (git-fixes).
- ALSA: hda/realtek - Enable headphone for ASUS TM420 (git-fixes).
- ALSA: hda/realtek - Fixed HP headset Mic can't be detected (git-fixes).
- ALSA: hda/realtek - set mic to auto detect on a HP AIO machine (git-fixes).
- ALSA: hda/realtek - The front Mic on a HP machine does not work (git-fixes).
- ALSA: hda: use semicolons rather than commas to separate statements (git-fixes).
- ALSA: hdspm: Fix typo arbitary (git-fixes).
- ALSA: mixart: Correct comment wrt obsoleted tasklet usage (git-fixes).
- ALSA: portman2x4: fix repeated word 'if' (git-fixes).
- ALSA: rawmidi: (cosmetic) align function parameters (git-fixes).
- ALSA: seq: oss: Avoid mutex lock for a long-time ioctl (git-fixes).
- ALSA: sparc: dbri: fix repeated word 'the' (git-fixes).
- ALSA: usb-audio: Add implicit feedback quirk for MODX (git-fixes).
- ALSA: usb-audio: Add implicit feedback quirk for Qu-16 (git-fixes).
- ALSA: usb-audio: Add implicit feedback quirk for Zoom UAC-2 (git-fixes).
- ALSA: usb-audio: Add mixer support for Pioneer DJ DJM-250MK2 (git-fixes).
- ALSA: usb-audio: add usb vendor id as DSD-capable for Khadas devices (git-fixes).
- ALSA: usb-audio: endpoint.c: fix repeated word 'there' (git-fixes).
- ALSA: usb-audio: fix spelling mistake 'Frequence' -> 'Frequency' (git-fixes).
- ALSA: usb-audio: Line6 Pod Go interface requires static clock rate quirk (git-fixes).
- ALSA: usb: scarless_gen2: fix endianness issue (git-fixes).
- ALSA: vx: vx_core: clarify operator precedence (git-fixes).
- ALSA: vx: vx_pcm: remove redundant assignment (git-fixes).
- ar5523: Add USB ID of SMCWUSBT-G2 wireless adapter (git-fixes).
- arm64: Enable PCI write-combine resources under sysfs (bsc#1175807).
- ASoC: codecs: wcd9335: Set digital gain range correctly (git-fixes).
- ASoC: cs42l51: manage mclk shutdown delay (git-fixes).
- ASoC: fsl: imx-es8328: add missing put_device() call in imx_es8328_probe() (git-fixes).
- ASoC: fsl_sai: Instantiate snd_soc_dai_driver (git-fixes).
- ASoC: img-i2s-out: Fix runtime PM imbalance on error (git-fixes).
- ASoC: Intel: bytcr_rt5640: Add quirk for MPMAN Converter9 2-in-1 (git-fixes).
- ASoC: Intel: kbl_rt5663_max98927: Fix kabylake_ssp_fixup function (git-fixes).
- ASoC: kirkwood: fix IRQ error handling (git-fixes).
- ASoC: qcom: lpass-cpu: fix concurrency issue (git-fixes).
- ASoC: qcom: lpass-platform: fix memory leak (git-fixes).
- ASoC: qcom: sdm845: set driver name correctly (git-fixes).
- ASoC: sun50i-codec-analog: Fix duplicate use of ADC enable bits (git-fixes).
- ASoC: tlv320aic32x4: Fix bdiv clock rate derivation (git-fixes).
- ASoC: wm8994: Ensure the device is resumed in wm89xx_mic_detect functions (git-fixes).
- ASoC: wm8994: Skip setting of the WM8994_MICBIAS register for WM1811 (git-fixes).
- ata: ahci: mvebu: Make SATA PHY optional for Armada 3720 (git-fixes).
- ata: sata_rcar: Fix DMA boundary mask (git-fixes).
- ath10k: check idx validity in __ath10k_htt_rx_ring_fill_n() (git-fixes).
- ath10k: fix array out-of-bounds access (git-fixes).
- ath10k: fix memory leak for tpc_stats_final (git-fixes).
- ath10k: Fix the size used in a 'dma_free_coherent()' call in an error handling path (git-fixes).
- ath10k: fix VHT NSS calculation when STBC is enabled (git-fixes).
- ath10k: provide survey info as accumulated data (git-fixes).
- ath10k: start recovery process when payload length exceeds max htc length for sdio (git-fixes).
- ath10k: use kzalloc to read for ath10k_sdio_hif_diag_read (git-fixes).
- ath6kl: prevent potential array overflow in ath6kl_add_new_sta() (git-fixes).
- ath6kl: wmi: prevent a shift wrapping bug in ath6kl_wmi_delete_pstream_cmd() (git-fixes).
- ath9k: Fix potential out of bounds in ath9k_htc_txcompletion_cb() (git-fixes).
- ath9k: hif_usb: fix race condition between usb_get_urb() and usb_kill_anchored_urbs() (git-fixes).
- ath9k_htc: Use appropriate rs_datalen type (git-fixes).
- backlight: sky81452-backlight: Fix refcount imbalance on error (git-fixes).
- blk-mq: order adding requests to hctx->dispatch and checking SCHED_RESTART (bsc#1177750).
- block: ensure bdi->io_pages is always initialized (bsc#1177749).
- block: Fix page_is_mergeable() for compound pages (bsc#1177814).
- block: Set same_page to false in __bio_try_merge_page if ret is false (git-fixes).
- Bluetooth: btusb: Fix memleak in btusb_mtk_submit_wmt_recv_urb (git-fixes).
- Bluetooth: Fix refcount use-after-free issue (git-fixes).
- Bluetooth: guard against controllers sending zero'd events (git-fixes).
- Bluetooth: Handle Inquiry Cancel error after Inquiry Complete (git-fixes).
- Bluetooth: hci_uart: Cancel init work before unregistering (git-fixes).
- Bluetooth: L2CAP: handle l2cap config request during open state (git-fixes).
- Bluetooth: MGMT: Fix not checking if BT_HS is enabled (git-fixes).
- Bluetooth: Only mark socket zapped after unlocking (git-fixes).
- Bluetooth: prefetch channel before killing sock (git-fixes).
- bnxt_en: Protect bnxt_set_eee() and bnxt_set_pauseparam() with mutex (git-fixes).
- bonding: show saner speed for broadcast mode (networking-stable-20_08_24).
- brcm80211: fix possible memleak in brcmf_proto_msgbuf_attach (git-fixes).
- brcmfmac: check ndev pointer (git-fixes).
- brcmfmac: Fix double freeing in the fmac usb data path (git-fixes).
- brcmsmac: fix memory leak in wlc_phy_attach_lcnphy (git-fixes).
- btrfs: Account for merged patches upstream Move below patches to sorted section.
- btrfs: add owner and fs_info to alloc_state io_tree (bsc#1177854).
- btrfs: allocate scrub workqueues outside of locks (bsc#1178183).
- btrfs: block-group: do not set the wrong READA flag for btrfs_read_block_groups() (bsc#1176019).
- btrfs: block-group: fix free-space bitmap threshold (bsc#1176019).
- btrfs: block-group: refactor how we delete one block group item (bsc#1176019).
- btrfs: block-group: refactor how we insert a block group item (bsc#1176019).
- btrfs: block-group: refactor how we read one block group item (bsc#1176019).
- btrfs: block-group: rename write_one_cache_group() (bsc#1176019).
- btrfs: check the right error variable in btrfs_del_dir_entries_in_log (bsc#1177687).
- btrfs: cleanup cow block on error (bsc#1178584).
- btrfs: do not force read-only after error in drop snapshot (bsc#1176354).
- btrfs: do not set the full sync flag on the inode during page release (bsc#1177687).
- btrfs: do not take an extra root ref at allocation time (bsc#1176019).
- btrfs: drop logs when we've aborted a transaction (bsc#1176019).
- btrfs: drop path before adding new uuid tree entry (bsc#1178176).
- btrfs: fix a race between scrub and block group removal/allocation (bsc#1176019).
- Btrfs: fix crash during unmount due to race with delayed inode workers (bsc#1176019).
- btrfs: fix filesystem corruption after a device replace (bsc#1178395).
- btrfs: fix NULL pointer dereference after failure to create snapshot (bsc#1178190).
- btrfs: fix overflow when copying corrupt csums for a message (bsc#1178191).
- btrfs: fix race between page release and a fast fsync (bsc#1177687).
- btrfs: fix space cache memory leak after transaction abort (bsc#1178173).
- btrfs: free block groups after free'ing fs trees (bsc#1176019).
- btrfs: hold a ref on the root on the dead roots list (bsc#1176019).
- btrfs: kill the subvol_srcu (bsc#1176019).
- btrfs: make btrfs_cleanup_fs_roots use the radix tree lock (bsc#1176019).
- btrfs: make inodes hold a ref on their roots (bsc#1176019).
- btrfs: make the extent buffer leak check per fs info (bsc#1176019).
- btrfs: move btrfs_rm_dev_replace_free_srcdev outside of all locks (bsc#1178395).
- btrfs: move btrfs_scratch_superblocks into btrfs_dev_replace_finishing (bsc#1178395).
- btrfs: move ino_cache_inode dropping out of btrfs_free_fs_root (bsc#1176019).
- btrfs: move the block group freeze/unfreeze helpers into block-group.c (bsc#1176019).
- btrfs: move the root freeing stuff into btrfs_put_root (bsc#1176019).
- btrfs: only commit delayed items at fsync if we are logging a directory (bsc#1177687).
- btrfs: only commit the delayed inode when doing a full fsync (bsc#1177687).
- btrfs: qgroup: fix qgroup meta rsv leak for subvolume operations (bsc#1177856).
- btrfs: qgroup: fix wrong qgroup metadata reserve for delayed inode (bsc#1177855).
- btrfs: reduce contention on log trees when logging checksums (bsc#1177687).
- btrfs: release old extent maps during page release (bsc#1177687).
- btrfs: remove no longer necessary chunk mutex locking cases (bsc#1176019).
- btrfs: remove no longer needed use of log_writers for the log root tree (bsc#1177687).
- btrfs: rename member 'trimming' of block group to a more generic name (bsc#1176019).
- btrfs: reschedule if necessary when logging directory items (bsc#1178585).
- btrfs: scrub, only lookup for csums if we are dealing with a data extent (bsc#1176019).
- btrfs: send, orphanize first all conflicting inodes when processing references (bsc#1178579).
- btrfs: send, recompute reference path after orphanization of a directory (bsc#1178581).
- btrfs: set the correct lockdep class for new nodes (bsc#1178184).
- btrfs: set the lockdep class for log tree extent buffers (bsc#1178186).
- btrfs: stop incremening log_batch for the log root tree when syncing log (bsc#1177687).
- btrfs: tree-checker: fix false alert caused by legacy btrfs root item (bsc#1177861).
- bus: hisi_lpc: Fixup IO ports addresses to avoid use-after-free in host removal (git-fixes).
- can: can_create_echo_skb(): fix echo skb generation: always use skb_clone() (git-fixes).
- can: c_can: reg_map_{c,d}_can: mark as __maybe_unused (git-fixes).
- can: dev: __can_get_echo_skb(): fix real payload length return value for RTR frames (git-fixes).
- can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ context (git-fixes).
- can: flexcan: flexcan_chip_stop(): add error handling and propagate error value (git-fixes).
- can: flexcan: flexcan_remove(): disable wakeup completely (git-fixes).
- can: flexcan: remove ack_grp and ack_bit handling from driver (git-fixes).
- can: flexcan: remove FLEXCAN_QUIRK_DISABLE_MECR quirk for LS1021A (git-fixes).
- can: peak_canfd: pucan_handle_can_rx(): fix echo management when loopback is on (git-fixes).
- can: peak_usb: add range checking in decode operations (git-fixes).
- can: peak_usb: peak_usb_get_ts_time(): fix timestamp wrapping (git-fixes).
- can: rx-offload: do not call kfree_skb() from IRQ context (git-fixes).
- can: softing: softing_card_shutdown(): add braces around empty body in an 'if' statement (git-fixes).
- ceph: promote to unsigned long long before shifting (bsc#1178175).
- clk: at91: clk-main: update key before writing AT91_CKGR_MOR (git-fixes).
- clk: at91: remove the checking of parent_name (git-fixes).
- clk: bcm2835: add missing release if devm_clk_hw_register fails (git-fixes).
- clk: imx8mq: Fix usdhc parents order (git-fixes).
- clk: keystone: sci-clk: fix parsing assigned-clock data during probe (git-fixes).
- clk: meson: g12a: mark fclk_div2 as critical (git-fixes).
- clk: qcom: gcc-sdm660: Fix wrong parent_map (git-fixes).
- clk: samsung: exynos4: mark 'chipid' clock as CLK_IGNORE_UNUSED (git-fixes).
- clk: socfpga: stratix10: fix the divider for the emac_ptp_free_clk (git-fixes).
- clk: tegra: Always program PLL_E when enabled (git-fixes).
- clk/ti/adpll: allocate room for terminating null (git-fixes).
- clocksource/drivers/h8300_timer8: Fix wrong return value in h8300_8timer_init() (git-fixes).
- clocksource/drivers/timer-gx6605s: Fixup counter reload (git-fixes).
- cpuidle: Poll for a minimum of 30ns and poll for a tick if lower c-states are disabled (bnc#1176588).
- create Storage / NVMe subsection
- crypto: algif_aead - Do not set MAY_BACKLOG on the async path (git-fixes).
- crypto: algif_skcipher - EBUSY on aio should be an error (git-fixes).
- crypto: bcm - Verify GCM/CCM key length in setkey (git-fixes).
- crypto: ccp - fix error handling (git-fixes).
- crypto: dh - check validity of Z before export (bsc#1175718).
- crypto: dh - SP800-56A rev 3 local public key validation (bsc#1175718).
- crypto: ecc - SP800-56A rev 3 local public key validation (bsc#1175718).
- crypto: ecdh - check validity of Z before export (bsc#1175718).
- crypto: ixp4xx - Fix the size used in a 'dma_free_coherent()' call (git-fixes).
- crypto: mediatek - Fix wrong return value in mtk_desc_ring_alloc() (git-fixes).
- crypto: omap-sham - fix digcnt register handling with export/import (git-fixes).
- crypto: picoxcell - Fix potential race condition bug (git-fixes).
- crypto: qat - check cipher length for aead AES-CBC-HMAC-SHA (git-fixes).
- cxgb4: fix memory leak during module unload (networking-stable-20_09_24).
- cxgb4: Fix offset when clearing filter byte counters (networking-stable-20_09_24).
- cxl: Rework error message for incompatible slots (bsc#1055014 git-fixes).
- cypto: mediatek - fix leaks in mtk_desc_ring_alloc (git-fixes).
- dax: Fix compilation for CONFIG_DAX && !CONFIG_FS_DAX (bsc#1177817).
- Disable module compression on SLE15 SP2 (bsc#1178307)
- dma-direct: add missing set_memory_decrypted() for coherent mapping (bsc#1175898, ECO-2743).
- dma-direct: always align allocation size in dma_direct_alloc_pages() (bsc#1175898, ECO-2743).
- dma-direct: atomic allocations must come from atomic coherent pools (bsc#1175898, ECO-2743).
- dma-direct: check return value when encrypting or decrypting memory (bsc#1175898, ECO-2743).
- dma-direct: consolidate the error handling in dma_direct_alloc_pages (bsc#1175898, ECO-2743).
- dma-direct: make uncached_kernel_address more general (bsc#1175898, ECO-2743).
- dma-direct: provide function to check physical memory area validity (bsc#1175898, ECO-2743).
- dma-direct: provide mmap and get_sgtable method overrides (bsc#1175898, ECO-2743).
- dma-direct: re-encrypt memory if dma_direct_alloc_pages() fails (bsc#1175898, ECO-2743).
- dma-direct: remove __dma_direct_free_pages (bsc#1175898, ECO-2743).
- dma-direct: remove the dma_handle argument to __dma_direct_alloc_pages (bsc#1175898, ECO-2743).
- dmaengine: dma-jz4780: Fix race in jz4780_dma_tx_status (git-fixes).
- dmaengine: dmatest: Check list for emptiness before access its last entry (git-fixes).
- dmaengine: dw: Activate FIFO-mode for memory peripherals only (git-fixes).
- dmaengine: mediatek: hsdma_probe: fixed a memory leak when devm_request_irq fails (git-fixes).
- dmaengine: stm32-dma: use vchan_terminate_vdesc() in .terminate_all (git-fixes).
- dmaengine: stm32-mdma: use vchan_terminate_vdesc() in .terminate_all (git-fixes).
- dmaengine: tegra-apb: Prevent race conditions on channel's freeing (git-fixes).
- dmaengine: zynqmp_dma: fix burst length configuration (git-fixes).
- dma-fence: Serialise signal enabling (dma_fence_enable_sw_signaling) (git-fixes).
- dma-mapping: add a dma_can_mmap helper (bsc#1175898, ECO-2743).
- dma-mapping: always use VM_DMA_COHERENT for generic DMA remap (bsc#1175898, ECO-2743).
- dma-mapping: DMA_COHERENT_POOL should select GENERIC_ALLOCATOR (bsc#1175898, ECO-2743).
- dma-mapping: make dma_atomic_pool_init self-contained (bsc#1175898, ECO-2743).
- dma-mapping: merge the generic remapping helpers into dma-direct (bsc#1175898, ECO-2743).
- dma-mapping: remove arch_dma_mmap_pgprot (bsc#1175898, ECO-2743).
- dma-mapping: warn when coherent pool is depleted (bsc#1175898, ECO-2743).
- dma-pool: add additional coherent pools to map to gfp mask (bsc#1175898, ECO-2743).
- dma-pool: add pool sizes to debugfs (bsc#1175898, ECO-2743).
- dma-pool: decouple DMA_REMAP from DMA_COHERENT_POOL (bsc#1175898, ECO-2743).
- dma-pool: do not allocate pool memory from CMA (bsc#1175898, ECO-2743).
- dma-pool: dynamically expanding atomic pools (bsc#1175898, ECO-2743).
- dma-pool: Fix an uninitialized variable bug in atomic_pool_expand() (bsc#1175898, ECO-2743).
- dma-pool: fix coherent pool allocations for IOMMU mappings (bsc#1175898, ECO-2743).
- dma-pool: fix too large DMA pools on medium memory size systems (bsc#1175898, ECO-2743).
- dma-pool: get rid of dma_in_atomic_pool() (bsc#1175898, ECO-2743).
- dma-pool: introduce dma_guess_pool() (bsc#1175898, ECO-2743).
- dma-pool: make sure atomic pool suits device (bsc#1175898, ECO-2743).
- dma-pool: Only allocate from CMA when in same memory zone (bsc#1175898, ECO-2743).
- dma-pool: scale the default DMA coherent pool size with memory capacity (bsc#1175898, ECO-2743).
- dma-remap: separate DMA atomic pools from direct remap code (bsc#1175898, ECO-2743).
- dm: Call proper helper to determine dax support (bsc#1177817).
- dm/dax: Fix table reference counts (bsc#1178246).
- docs: driver-api: remove a duplicated index entry (git-fixes).
- drivers: char: tlclk.c: Avoid data race between init and interrupt handler (git-fixes).
- drivers: watchdog: rdc321x_wdt: Fix race condition bugs (git-fixes).
- drm/amdgpu: restore proper ref count in amdgpu_display_crtc_set_config (git-fixes).
- drm/radeon: revert 'Prefer lower feedback dividers' (bsc#1177384).
- drop Storage / bsc#1171688 subsection No effect on expanded tree.
- e1000: Do not perform reset in reset_task if we are already down (git-fixes).
- EDAC/i5100: Fix error handling order in i5100_init_one() (bsc#1152489).
- eeprom: at25: set minimum read/write access stride to 1 (git-fixes).
- exfat: fix name_hash computation on big endian systems (git-fixes).
- exfat: fix overflow issue in exfat_cluster_to_sector() (git-fixes).
- exfat: fix possible memory leak in exfat_find() (git-fixes).
- exfat: fix use of uninitialized spinlock on error path (git-fixes).
- exfat: fix wrong hint_stat initialization in exfat_find_dir_entry() (git-fixes).
- exfat: fix wrong size update of stream entry by typo (git-fixes).
- extcon: ptn5150: Fix usage of atomic GPIO with sleeping GPIO chips (git-fixes).
- ftrace: Move RCU is watching check after recursion check (git-fixes).
- fuse: do not ignore errors from fuse_writepages_fill() (bsc#1177193).
- futex: Adjust absolute futex timeouts with per time namespace offset (bsc#1164648).
- futex: Consistently use fshared as boolean (bsc#1149032).
- futex: Fix incorrect should_fail_futex() handling (bsc#1149032).
- futex: Remove put_futex_key() (bsc#1149032).
- futex: Remove unused or redundant includes (bsc#1149032).
- gpio: mockup: fix resource leak in error path (git-fixes).
- gpio: rcar: Fix runtime PM imbalance on error (git-fixes).
- gpio: siox: explicitly support only threaded irqs (git-fixes).
- gpio: sprd: Clear interrupt when setting the type as edge (git-fixes).
- gpio: tc35894: fix up tc35894 interrupt configuration (git-fixes).
- gre6: Fix reception with IP6_TNL_F_RCV_DSCP_COPY (networking-stable-20_08_24).
- gtp: add GTPA_LINK info to msg sent to userspace (networking-stable-20_09_11).
- HID: hid-input: fix stylus battery reporting (git-fixes).
- HID: ite: Add USB id match for Acer One S1003 keyboard dock (git-fixes).
- HID: roccat: add bounds checking in kone_sysfs_write_settings() (git-fixes).
- HID: wacom: Avoid entering wacom_wac_pen_report for pad / battery (git-fixes).
- hwmon: (applesmc) check status earlier (git-fixes).
- hwmon: (mlxreg-fan) Fix double 'Mellanox' (git-fixes).
- hwmon: (pmbus/max34440) Fix status register reads for MAX344{51,60,61} (git-fixes).
- hyperv_fb: Update screen_info after removing old framebuffer (bsc#1175306).
- i2c: aspeed: Mask IRQ status to relevant bits (git-fixes).
- i2c: core: Call i2c_acpi_install_space_handler() before i2c_acpi_register_devices() (git-fixes).
- i2c: core: Restore acpi_walk_dep_device_list() getting called after registering the ACPI i2c devs (git-fixes).
- i2c: cpm: Fix i2c_ram structure (git-fixes).
- i2c: i801: Exclude device from suspend direct complete optimization (git-fixes).
- i2c: imx: Fix external abort on interrupt in exit paths (git-fixes).
- i2c: meson: fix clock setting overwrite (git-fixes).
- i2c: meson: fixup rate calculation with filter delay (git-fixes).
- i2c: owl: Clear NACK and BUS error bits (git-fixes).
- i2c: rcar: Auto select RESET_CONTROLLER (git-fixes).
- i2c: tegra: Prevent interrupt triggering after transfer timeout (git-fixes).
- i2c: tegra: Restore pinmux on system resume (git-fixes).
- i3c: master add i3c_master_attach_boardinfo to preserve boardinfo (git-fixes).
- i3c: master: Fix error return in cdns_i3c_master_probe() (git-fixes).
- ibmveth: Identify ingress large send packets (bsc#1178185 ltc#188897).
- ibmveth: Switch order of ibmveth_helper calls (bsc#1061843 git-fixes).
- ibmvnic: fix ibmvnic_set_mac (bsc#1066382 ltc#160943 git-fixes).
- ibmvnic: save changed mac address to adapter->mac_addr (bsc#1134760 ltc#177449 git-fixes).
- ibmvnic: set up 200GBPS speed (bsc#1129923 git-fixes).
- icmp: randomize the global rate limiter (git-fixes).
- ida: Free allocated bitmap in error path (git-fixes).
- ieee802154/adf7242: check status of adf7242_read_reg (git-fixes).
- ieee802154: fix one possible memleak in ca8210_dev_com_init (git-fixes).
- iio:accel:bma180: Fix use of true when should be iio_shared_by enum (git-fixes).
- iio: adc: gyroadc: fix leak of device node iterator (git-fixes).
- iio: adc: qcom-spmi-adc5: fix driver name (git-fixes).
- iio: adc: stm32-adc: fix runtime autosuspend delay when slow polling (git-fixes).
- iio:adc:ti-adc0832 Fix alignment issue with timestamp (git-fixes).
- iio:adc:ti-adc12138 Fix alignment issue with timestamp (git-fixes).
- iio:dac:ad5592r: Fix use of true for IIO_SHARED_BY_TYPE (git-fixes).
- iio:gyro:itg3200: Fix timestamp alignment and prevent data leak (git-fixes).
- iio:light:si1145: Fix timestamp alignment and prevent data leak (git-fixes).
- iio:magn:hmc5843: Fix passing true where iio_shared_by enum required (git-fixes).
- ima: Do not ignore errors from crypto_shash_update() (git-fixes).
- ima: extend boot_aggregate with kernel measurements (bsc#1177617).
- ima: Remove semicolon at the end of ima_get_binary_runtime_size() (git-fixes).
- Input: ati_remote2 - add missing newlines when printing module parameters (git-fixes).
- Input: ep93xx_keypad - fix handling of platform_get_irq() error (git-fixes).
- Input: i8042 - add nopnp quirk for Acer Aspire 5 A515 (bsc#954532).
- Input: imx6ul_tsc - clean up some errors in imx6ul_tsc_resume() (git-fixes).
- Input: omap4-keypad - fix handling of platform_get_irq() error (git-fixes).
- Input: stmfts - fix a & vs && typo (git-fixes).
- Input: sun4i-ps2 - fix handling of platform_get_irq() error (git-fixes).
- Input: trackpoint - enable Synaptics trackpoints (git-fixes).
- Input: twl4030_keypad - fix handling of platform_get_irq() error (git-fixes).
- iomap: Make sure iomap_end is called after iomap_begin (bsc#1177754).
- iommu/amd: Fix IOMMU AVIC not properly update the is_run bit in IRTE (bsc#1177297).
- iommu/amd: Fix potential @entry null deref (bsc#1177283).
- iommu/amd: Re-factor guest virtual APIC (de-)activation code (bsc#1177284).
- iommu/amd: Restore IRTE.RemapEn bit for amd_iommu_activate_guest_mode (bsc#1177285).
- iommu/exynos: add missing put_device() call in exynos_iommu_of_xlate() (bsc#1177286).
- iommu/vt-d: Correctly calculate agaw in domain_init() (bsc#1176400).
- iommu/vt-d: Gracefully handle DMAR units with no supported address widths (bsc#1177739).
- ip: fix tos reflection in ack and reset packets (networking-stable-20_09_24).
- ipmi_si: Fix wrong return value in try_smi_init() (git-fixes).
- ipv4: Initialize flowi4_multipath_hash in data path (networking-stable-20_09_24).
- ipv4: Restore flowi4_oif update before call to xfrm_lookup_route (git-fixes).
- ipv4: Update exception handling for multipath routes via same device (networking-stable-20_09_24).
- ipv6: avoid lockdep issue in fib6_del() (networking-stable-20_09_24).
- ipv6: Fix sysctl max for fib_multipath_hash_policy (networking-stable-20_09_11).
- ipvlan: fix device features (networking-stable-20_08_24).
- iwlwifi: mvm: split a print to avoid a WARNING in ROC (git-fixes).
- kabi fix for NFS: Fix flexfiles read failover (git-fixes).
- kABI: Fix kABI after add CodeSigning extended key usage (bsc#1177353).
- kABI: Fix kABI for 12856e7acde4 PCI/IOV: Mark VFs as not implementing PCI_COMMAND_MEMORY (bsc#1176979).
- kabi/severities: ignore kABI for target_core_rbd Match behaviour for all other Ceph specific modules.
- kallsyms: Refactor kallsyms_show_value() to take cred (git-fixes).
- kbuild: enforce -Werror=return-type (bsc#1177281).
- kernel-binary.spec.in: Exclude .config.old from kernel-devel - use tar excludes for .kernel-binary.spec.buildenv
- kernel-binary.spec.in: Package the obj_install_dir as explicit filelist.
- KVM: x86/mmu: Commit zap of remaining invalid pages when recovering lpages (git-fixes).
- leds: bcm6328, bcm6358: use devres LED registering function (git-fixes).
- leds: mlxreg: Fix possible buffer overflow (git-fixes).
- leds: mt6323: move period calculation (git-fixes).
- libceph-add-support-for-CMPEXT-compare-extent-reques.patch: (bsc#1177090).
- libceph: clear con->out_msg on Policy::stateful_server faults (bsc#1178177).
- lib/crc32.c: fix trivial typo in preprocessor condition (git-fixes).
- lib/mpi: Add mpi_sub_ui() (bsc#1175718).
- locking/rwsem: Disable reader optimistic spinning (bnc#1176588).
- mac80211: do not allow bigger VHT MPDUs than the hardware supports (git-fixes).
- mac80211: handle lack of sband->bitrates in rates (git-fixes).
- mac80211: skip mpath lookup also for control port tx (git-fixes).
- mac802154: tx: fix use-after-free (git-fixes).
- macsec: avoid use-after-free in macsec_handle_frame() (git-fixes).
- mailbox: avoid timer start from callback (git-fixes).
- media: ati_remote: sanity check for both endpoints (git-fixes).
- media: bdisp: Fix runtime PM imbalance on error (git-fixes).
- media: camss: Fix a reference count leak (git-fixes).
- media: exynos4-is: Fix a reference count leak due to pm_runtime_get_sync (git-fixes).
- media: exynos4-is: Fix a reference count leak (git-fixes).
- media: exynos4-is: Fix several reference count leaks due to pm_runtime_get_sync (git-fixes).
- media: firewire: fix memory leak (git-fixes).
- media: i2c: ov5640: Enable data pins on poweron for DVP mode (git-fixes).
- media: i2c: ov5640: Remain in power down for DVP mode unless streaming (git-fixes).
- media: i2c: ov5640: Separate out mipi configuration from s_power (git-fixes).
- media: imx274: fix frame interval handling (git-fixes).
- media: m5mols: Check function pointer in m5mols_sensor_power (git-fixes).
- media: mc-device.c: fix memleak in media_device_register_entity (git-fixes).
- media: media/pci: prevent memory leak in bttv_probe (git-fixes).
- media: mx2_emmaprp: Fix memleak in emmaprp_probe (git-fixes).
- media: omap3isp: Fix memleak in isp_probe (git-fixes).
- media: ov5640: Correct Bit Div register in clock tree diagram (git-fixes).
- media: platform: fcp: Fix a reference count leak (git-fixes).
- media: platform: Improve queue set up flow for bug fixing (git-fixes).
- media: platform: s3c-camif: Fix runtime PM imbalance on error (git-fixes).
- media: platform: sti: hva: Fix runtime PM imbalance on error (git-fixes).
- media: rcar-csi2: Allocate v4l2_async_subdev dynamically (git-fixes).
- media: rcar_drif: Allocate v4l2_async_subdev dynamically (git-fixes).
- media: rcar_drif: Fix fwnode reference leak when parsing DT (git-fixes).
- media: rcar-vin: Fix a reference count leak (git-fixes).
- media: rc: do not access device via sysfs after rc_unregister_device() (git-fixes).
- media: rc: uevent sysfs file races with rc_unregister_device() (git-fixes).
- media: Revert 'media: exynos4-is: Add missed check for pinctrl_lookup_state()' (git-fixes).
- media: rockchip/rga: Fix a reference count leak (git-fixes).
- media: s5p-mfc: Fix a reference count leak (git-fixes).
- media: saa7134: avoid a shift overflow (git-fixes).
- media: smiapp: Fix error handling at NVM reading (git-fixes).
- media: staging/intel-ipu3: css: Correctly reset some memory (git-fixes).
- media: st-delta: Fix reference count leak in delta_run_work (git-fixes).
- media: sti: Fix reference count leaks (git-fixes).
- media: stm32-dcmi: Fix a reference count leak (git-fixes).
- media: tc358743: cleanup tc358743_cec_isr (git-fixes).
- media: tc358743: initialize variable (git-fixes).
- media: ti-vpe: cal: Restrict DMA to avoid memory corruption (git-fixes).
- media: ti-vpe: Fix a missing check and reference count leak (git-fixes).
- media: tuner-simple: fix regression in simple_set_radio_freq (git-fixes).
- media: tw5864: check status of tw5864_frameinterval_get (git-fixes).
- media: usbtv: Fix refcounting mixup (git-fixes).
- media: uvcvideo: Ensure all probed info is returned to v4l2 (git-fixes).
- media: uvcvideo: Fix dereference of out-of-bound list iterator (git-fixes).
- media: uvcvideo: Fix uvc_ctrl_fixup_xu_info() not having any effect (git-fixes).
- media: uvcvideo: Set media controller entity functions (git-fixes).
- media: uvcvideo: Silence shift-out-of-bounds warning (git-fixes).
- media: v4l2-async: Document asd allocation requirements (git-fixes).
- media: venus: core: Fix runtime PM imbalance in venus_probe (git-fixes).
- media: vsp1: Fix runtime PM imbalance on error (git-fixes).
- memory: fsl-corenet-cf: Fix handling of platform_get_irq() error (git-fixes).
- memory: omap-gpmc: Fix a couple off by ones (git-fixes).
- memory: omap-gpmc: Fix build error without CONFIG_OF (git-fixes).
- mfd: mfd-core: Protect against NULL call-back function pointer (git-fixes).
- mfd: sm501: Fix leaks in probe() (git-fixes).
- mic: vop: copy data to kernel space then write to io memory (git-fixes).
- misc: mic: scif: Fix error handling path (git-fixes).
- misc: rtsx: Fix memory leak in rtsx_pci_probe (git-fixes).
- misc: vop: add round_up(x,4) for vring_size to avoid kernel panic (git-fixes).
- mm: call cond_resched() from deferred_init_memmap() (git fixes (mm/init), bsc#1177697).
- mmc: core: do not set limits.discard_granularity as 0 (git-fixes).
- mmc: core: Rework wp-gpio handling (git-fixes).
- mm, compaction: fully assume capture is not NULL in compact_zone_order() (git fixes (mm/compaction), bsc#1177681).
- mm, compaction: make capture control handling safe wrt interrupts (git fixes (mm/compaction), bsc#1177681).
- mmc: sdhci-acpi: AMDI0040: Set SDHCI_QUIRK2_PRESET_VALUE_BROKEN (git-fixes).
- mmc: sdhci: Add LTR support for some Intel BYT based controllers (git-fixes).
- mmc: sdhci: Workaround broken command queuing on Intel GLK based IRBIS models (git-fixes).
- mmc: sdio: Check for CISTPL_VERS_1 buffer size (git-fixes).
- mm/debug.c: always print flags in dump_page() (git fixes (mm/debug)).
- mm: do not panic when links can't be created in sysfs (bsc#1178002).
- mm: do not rely on system state to detect hot-plug operations (bsc#1178002).
- mm: fix a race during THP splitting (bsc#1178255).
- mm/huge_memory.c: use head to check huge zero page (git-fixes (mm/thp)).
- mm: initialize deferred pages with interrupts enabled (git fixes (mm/init), bsc#1177697).
- mm: madvise: fix vma user-after-free (git-fixes).
- mm/memcontrol.c: lost css_put in memcg_expand_shrinker_maps() (bsc#1177694).
- mm/mempolicy.c: fix out of bounds write in mpol_parse_str() (git-fixes (mm/mempolicy)).
- mm/migrate.c: also overwrite error when it is bigger than zero (git fixes (mm/move_pages), bsc#1177683).
- mm: move_pages: report the number of non-attempted pages (git fixes (mm/move_pages), bsc#1177683).
- mm: move_pages: return valid node id in status if the page is already on the target node (git fixes (mm/move_pages), bsc#1177683).
- mm/pagealloc.c: call touch_nmi_watchdog() on max order boundaries in deferred init (git fixes (mm/init), bsc#1177697).
- mm/page-writeback.c: avoid potential division by zero in wb_min_max_ratio() (git-fixes (mm/writeback)).
- mm/page-writeback.c: improve arithmetic divisions (git-fixes (mm/writeback)).
- mm: replace memmap_context by meminit_context (bsc#1178002).
- mm/rmap: fixup copying of soft dirty and uffd ptes (git-fixes (mm/rmap)).
- mm, slab/slub: improve error reporting and overhead of cache_from_obj() (mm/slub bsc#1165692).
- mm, slab/slub: move and improve cache_from_obj() (mm/slub bsc#1165692).
- mm, slub: extend checks guarded by slub_debug static key (mm/slub bsc#1165692).
- mm, slub: extend slub_debug syntax for multiple blocks (mm/slub bsc#1165692).
- mm, slub: introduce kmem_cache_debug_flags() (mm/slub bsc#1165692).
- mm, slub: introduce static key for slub_debug() (mm/slub bsc#1165692).
- mm, slub: make reclaim_account attribute read-only (mm/slub bsc#1165692).
- mm, slub: make remaining slub_debug related attributes read-only (mm/slub bsc#1165692).
- mm, slub: make some slub_debug related attributes read-only (mm/slub bsc#1165692).
- mm, slub: remove runtime allocation order changes (mm/slub bsc#1165692).
- mm, slub: restore initial kmem_cache flags (mm/slub bsc#1165692).
- mm/swapfile.c: fix potential memory leak in sys_swapon (git-fixes).
- mm/zsmalloc.c: fix the migrated zspage statistics (git-fixes (mm/zsmalloc)).
- module: Correctly truncate sysfs sections output (git-fixes).
- module: Do not expose section addresses to non-CAP_SYSLOG (git-fixes).
- module: Refactor section attr into bin attribute (git-fixes).
- module: statically initialize init section freeing data (git-fixes).
- Move upstreamed BT patch into sorted section
- Move upstreamed intel-vbtn patch into sorted section
- mt76: add missing locking around ampdu action (git-fixes).
- mt76: clear skb pointers from rx aggregation reorder buffer during cleanup (git-fixes).
- mt76: do not use devm API for led classdev (git-fixes).
- mt76: fix handling full tx queues in mt76_dma_tx_queue_skb_raw (git-fixes).
- mt76: fix LED link time failure (git-fixes).
- mtd: cfi_cmdset_0002: do not free cfi->cfiq in error path of cfi_amdstd_setup() (git-fixes).
- mtd: lpddr: Fix bad logic in print_drs_error (git-fixes).
- mtd: lpddr: fix excessive stack usage with clang (git-fixes).
- mtd: mtdoops: Do not write panic data twice (git-fixes).
- mtd: rawnand: gpmi: Fix runtime PM imbalance on error (git-fixes).
- mtd: rawnand: omap_elm: Fix runtime PM imbalance on error (git-fixes).
- mtd: rawnand: stm32_fmc2: fix a buffer overflow (git-fixes).
- mtd: rawnand: vf610: disable clk on error handling path in probe (git-fixes).
- mtd: spinand: gigadevice: Add QE Bit (git-fixes).
- mtd: spinand: gigadevice: Only one dummy byte in QUADIO (git-fixes).
- mwifiex: do not call del_timer_sync() on uninitialized timer (git-fixes).
- mwifiex: Do not use GFP_KERNEL in atomic context (git-fixes).
- mwifiex: fix double free (git-fixes).
- mwifiex: remove function pointer check (git-fixes).
- mwifiex: Remove unnecessary braces from HostCmd_SET_SEQ_NO_BSS_INFO (git-fixes).
- net: bridge: br_vlan_get_pvid_rcu() should dereference the VLAN group under RCU (networking-stable-20_09_24).
- net/core: check length before updating Ethertype in skb_mpls_{push,pop} (git-fixes).
- net: DCB: Validate DCB_ATTR_DCB_BUFFER argument (networking-stable-20_09_24).
- net: disable netpoll on fresh napis (networking-stable-20_09_11).
- net: dsa: b53: check for timeout (networking-stable-20_08_24).
- net: dsa: rtl8366: Properly clear member config (networking-stable-20_09_24).
- net: fec: correct the error path for regulator disable in probe (networking-stable-20_08_24).
- net: Fix bridge enslavement failure (networking-stable-20_09_24).
- net: Fix potential wrong skb->protocol in skb_vlan_untag() (networking-stable-20_08_24).
- net: hns: Fix memleak in hns_nic_dev_probe (networking-stable-20_09_11).
- net: ipv6: fix kconfig dependency warning for IPV6_SEG6_HMAC (networking-stable-20_09_24).
- netlabel: fix problems with mapping removal (networking-stable-20_09_11).
- net: lantiq: Disable IRQs only if NAPI gets scheduled (networking-stable-20_09_24).
- net: lantiq: Use napi_complete_done() (networking-stable-20_09_24).
- net: lantiq: use netif_tx_napi_add() for TX NAPI (networking-stable-20_09_24).
- net: lantiq: Wake TX queue again (networking-stable-20_09_24).
- net/mlx5e: Enable adding peer miss rules only if merged eswitch is supported (networking-stable-20_09_24).
- net/mlx5e: TLS, Do not expose FPGA TLS counter if not supported (networking-stable-20_09_24).
- net/mlx5: Fix FTE cleanup (networking-stable-20_09_24).
- net: mscc: ocelot: fix race condition with TX timestamping (bsc#1178461).
- net: phy: Avoid NPD upon phy_detach() when driver is unbound (networking-stable-20_09_24).
- net: phy: Do not warn in phy_stop() on PHY_DOWN (networking-stable-20_09_24).
- net: phy: realtek: fix rtl8211e rx/tx delay config (git-fixes).
- net: qrtr: fix usage of idr in port assignment to socket (networking-stable-20_08_24).
- net/sched: act_ct: Fix skb double-free in tcf_ct_handle_fragments() error flow (networking-stable-20_08_24).
- net: sctp: Fix IPv6 ancestor_size calc in sctp_copy_descendant (networking-stable-20_09_24).
- net: sctp: Fix negotiation of the number of data streams (networking-stable-20_08_24).
- net/smc: Prevent kernel-infoleak in __smc_diag_dump() (networking-stable-20_08_24).
- net: systemport: Fix memleak in bcm_sysport_probe (networking-stable-20_09_11).
- net: usb: dm9601: Add USB ID of Keenetic Plus DSL (networking-stable-20_09_11).
- net: usb: qmi_wwan: add Cellient MPL200 card (git-fixes).
- net: usb: rtl8150: set random MAC address when set_ethernet_addr() fails (git-fixes).
- net: wireless: nl80211: fix out-of-bounds access in nl80211_del_key() (git-fixes).
- nfc: Ensure presence of NFC_ATTR_FIRMWARE_NAME attribute in nfc_genl_fw_download() (git-fixes).
- nfp: use correct define to return NONE fec (networking-stable-20_09_24).
- nfsd4: fix NULL dereference in nfsd/clients display code (git-fixes).
- NFS: Do not move layouts to plh_return_segs list while in use (git-fixes).
- NFS: Do not return layout segments that are in use (git-fixes).
- nfs: ensure correct writeback errors are returned on close() (git-fixes).
- NFS: Fix flexfiles read failover (git-fixes).
- nfs: Fix security label length not being reset (bsc#1176381).
- nfs: nfs_file_write() should check for writeback errors (git-fixes).
- NFSv4.2: fix client's attribute cache management for copy_file_range (git-fixes).
- nl80211: fix non-split wiphy information (git-fixes).
- NTB: hw: amd: fix an issue about leak system resources (git-fixes).
- ntb: intel: Fix memleak in intel_ntb_pci_probe (git-fixes).
- nvme-multipath: retry commands for dying queues (bsc#1171688).
- nvme-rdma: fix crash due to incorrect cqe (bsc#1174748).
- nvme-rdma: fix crash when connect rejected (bsc#1174748).
- overflow: Include header file with SIZE_MAX declaration (git-fixes).
- p54: avoid accessing the data mapped to streaming DMA (git-fixes).
- PCI: aardvark: Check for errors from pci_bridge_emul_init() call (git-fixes).
- PCI/ACPI: Whitelist hotplug ports for D3 if power managed by ACPI (git-fixes).
- PCI: Avoid double hpmemsize MMIO window assignment (git-fixes).
- PCI/IOV: Mark VFs as not implementing PCI_COMMAND_MEMORY (bsc#1176979).
- PCI: tegra194: Fix runtime PM imbalance on error (git-fixes).
- PCI: tegra: Fix runtime PM imbalance on error (git-fixes).
- percpu: fix first chunk size calculation for populated bitmap (git-fixes (mm/percpu)).
- perf/x86/amd: Fix sampling Large Increment per Cycle events (bsc#1152489).
- perf/x86: Fix n_pair for cancelled txn (bsc#1152489).
- phy: ti: am654: Fix a leak in serdes_am654_probe() (git-fixes).
- pinctrl: bcm: fix kconfig dependency warning when !GPIOLIB (git-fixes).
- pinctrl: mcp23s08: Fix mcp23x17 precious range (git-fixes).
- pinctrl: mcp23s08: Fix mcp23x17_regmap initialiser (git-fixes).
- pinctrl: mvebu: Fix i2c sda definition for 98DX3236 (git-fixes).
- PKCS#7: Check codeSigning EKU for kernel module and kexec pe verification.
- PKCS#7: Check codeSigning EKU for kernel module and kexec pe verification (bsc#1177353).
- Platform: OLPC: Fix memleak in olpc_ec_probe (git-fixes).
- platform/x86: fix kconfig dependency warning for FUJITSU_LAPTOP (git-fixes).
- platform/x86: fix kconfig dependency warning for LG_LAPTOP (git-fixes).
- platform/x86: intel_pmc_core: do not create a static struct device (git-fixes).
- platform/x86: intel-vbtn: Switch to an allow-list for SW_TABLET_MODE reporting (bsc#1175599).
- platform/x86: mlx-platform: Remove PSU EEPROM configuration (git-fixes).
- platform/x86: thinkpad_acpi: initialize tp_nvram_state variable (git-fixes).
- platform/x86: thinkpad_acpi: re-initialize ACPI buffer size when reuse (git-fixes).
- PM: hibernate: Batch hibernate and resume IO requests (bsc#1178079).
- PM: hibernate: remove the bogus call to get_gendisk() in software_resume() (git-fixes).
- PM: runtime: Drop runtime PM references to supplier on link removal (git-fixes).
- pNFS/flexfiles: Ensure we initialise the mirror bsizes correctly on read (git-fixes).
- powerpc/book3s64/radix: Make radix_mem_block_size 64bit (bsc#1055186 ltc#153436 git-fixes).
- powerpc/dma: Fix dma_map_ops::get_required_mask (bsc#1065729).
- powerpc: Fix undetected data corruption with P9N DD2.1 VSX CI load emulation (bsc#1065729).
- powerpc/hwirq: Remove stale forward irq_chip declaration (bsc#1065729).
- powerpc/icp-hv: Fix missing of_node_put() in success path (bsc#1065729).
- powerpc/irq: Drop forward declaration of struct irqaction (bsc#1065729).
- powerpc/papr_scm: Fix warning triggered by perf_stats_show() (bsc#1175052 jsc#SLE-13823 bsc#1174969 jsc#SLE-12769 git-fixes).
- powerpc/perf/hv-gpci: Fix starting index value (bsc#1065729).
- powerpc/powernv/dump: Fix race while processing OPAL dump (bsc#1065729).
- powerpc/powernv/elog: Fix race while processing OPAL error log event (bsc#1065729).
- powerpc/pseries: Avoid using addr_to_pfn in real mode (jsc#SLE-9246 git-fixes).
- powerpc/pseries: explicitly reschedule during drmem_lmb list traversal (bsc#1077428 ltc#163882 git-fixes).
- powerpc/pseries: Fix missing of_node_put() in rng_init() (bsc#1065729).
- power: supply: bq27xxx: report 'not charging' on all types (git-fixes).
- power: supply: max17040: Correct voltage reading (git-fixes).
- power: supply: test_power: add missing newlines when printing parameters by sysfs (git-fixes).
- pwm: img: Fix null pointer access in probe (git-fixes).
- pwm: lpss: Add range limit check for the base_unit register value (git-fixes).
- pwm: lpss: Fix off by one error in base_unit math in pwm_lpss_prepare() (git-fixes).
- qla2xxx: Return EBUSY on fcport deletion (bsc#1171688).
- qtnfmac: fix resource leaks on unsupported iftype error return path (git-fixes).
- r8169: fix data corruption issue on RTL8402 (bsc#1174098).
- r8169: fix issue with forced threading in combination with shared interrupts (git-fixes).
- r8169: fix operation under forced interrupt threading (git-fixes).
- rapidio: fix the missed put_device() for rio_mport_add_riodev (git-fixes).
- rbd-add-rbd_img_fill_cmp_and_write_from_bvecs.patch: (bsc#1177090).
- rbd-add-support-for-COMPARE_AND_WRITE-CMPEXT.patch: (bsc#1177090).
- RDMA/hfi1: Correct an interlock issue for TID RDMA WRITE request (bsc#1175621).
- Refresh patches.suse/fnic-to-not-call-scsi_done-for-unhandled-commands.patch (bsc#1168468, bsc#1171675).
- regulator: axp20x: fix LDO2/4 description (git-fixes).
- regulator: defer probe when trying to get voltage from unresolved supply (git-fixes).
- regulator: resolve supply after creating regulator (git-fixes).
- rename Other drivers / Intel IOMMU subsection to IOMMU
- reset: sti: reset-syscfg: fix struct description warnings (git-fixes).
- ring-buffer: Return 0 on success from ring_buffer_resize() (git-fixes).
- rpm/kernel-module-subpackage: make Group tag optional (bsc#1163592)
- rtc: ds1374: fix possible race condition (git-fixes).
- rtc: rx8010: do not modify the global rtc ops (git-fixes).
- rtc: sa1100: fix possible race condition (git-fixes).
- rtl8xxxu: prevent potential memory leak (git-fixes).
- rtw88: increse the size of rx buffer size (git-fixes).
- s390/cio: add cond_resched() in the slow_eval_known_fn() loop (bsc#1177799 LTC#188733).
- s390/dasd: Fix zero write for FBA devices (bsc#1177801 LTC#188735).
- s390/pci: Mark all VFs as not implementing PCI_COMMAND_MEMORY (bsc#1176979).
- sched/fair: Ignore cache hotness for SMT migration (bnc#1155798 (CPU scheduler functional and performance backports)).
- sched/fair: Use dst group while checking imbalance for NUMA balancer (bnc#1155798 (CPU scheduler functional and performance backports)).
- sched/numa: Avoid creating large imbalances at task creation time (bnc#1176588).
- sched/numa: Check numa balancing information only when enabled (bnc#1176588).
- sched/numa: Use runnable_avg to classify node (bnc#1155798 (CPU scheduler functional and performance backports)).
- scsi: ibmvfc: Fix error return in ibmvfc_probe() (bsc#1065729).
- scsi: ibmvscsi: Fix potential race after loss of transport (bsc#1178166 ltc#188226).
- scsi: iscsi: iscsi_tcp: Avoid holding spinlock while calling getpeername() (bsc#1177258).
- scsi: mptfusion: Do not use GFP_ATOMIC for larger DMA allocations (bsc#1175898, ECO-2743).
- scsi: qla2xxx: Add IOCB resource tracking (bsc#1171688 bsc#1174003).
- scsi: qla2xxx: Add rport fields in debugfs (bsc#1171688 bsc#1174003).
- scsi: qla2xxx: Add SLER and PI control support (bsc#1171688 bsc#1174003).
- scsi: qla2xxx: Allow dev_loss_tmo setting for FC-NVMe devices (bsc#1171688 bsc#1174003).
- scsi: qla2xxx: Correct the check for sscanf() return value (bsc#1171688 bsc#1174003).
- scsi: qla2xxx: Fix buffer-buffer credit extraction error (bsc#1171688 bsc#1174003).
- scsi: qla2xxx: Fix crash on session cleanup with unload (bsc#1171688 bsc#1174003).
- scsi: qla2xxx: Fix inconsistent format argument type in qla_dbg.c (bsc#1171688 bsc#1174003).
- scsi: qla2xxx: Fix inconsistent format argument type in qla_os.c (bsc#1171688 bsc#1174003).
- scsi: qla2xxx: Fix inconsistent format argument type in tcm_qla2xxx.c (bsc#1171688 bsc#1174003).
- scsi: qla2xxx: Fix I/O errors during LIP reset tests (bsc#1171688 bsc#1174003).
- scsi: qla2xxx: Fix I/O failures during remote port toggle testing (bsc#1171688 bsc#1174003).
- scsi: qla2xxx: Fix memory size truncation (bsc#1171688 bsc#1174003).
- scsi: qla2xxx: Fix MPI reset needed message (bsc#1171688 bsc#1174003).
- scsi: qla2xxx: Fix point-to-point (N2N) device discovery issue (bsc#1171688 bsc#1174003).
- scsi: qla2xxx: Fix reset of MPI firmware (bsc#1171688 bsc#1174003).
- scsi: qla2xxx: Honor status qualifier in FCP_RSP per spec (bsc#1171688 bsc#1174003).
- scsi: qla2xxx: Make tgt_port_database available in initiator mode (bsc#1171688 bsc#1174003).
- scsi: qla2xxx: Performance tweak (bsc#1171688 bsc#1174003).
- scsi: qla2xxx: Reduce duplicate code in reporting speed (bsc#1171688 bsc#1174003).
- scsi: qla2xxx: Remove unneeded variable 'rval' (bsc#1171688 bsc#1174003).
- scsi: qla2xxx: Setup debugfs entries for remote ports (bsc#1171688 bsc#1174003).
- scsi: qla2xxx: Update version to 10.02.00.102-k (bsc#1171688 bsc#1174003).
- scsi: qla2xxx: Update version to 10.02.00.103-k (bsc#1171688 bsc#1174003).
- sctp: not disable bh in the whole sctp_get_port_local() (networking-stable-20_09_11).
- selftests/timers: Turn off timeout setting (git-fixes).
- serial: 8250: 8250_omap: Terminate DMA before pushing data on RX timeout (git-fixes).
- serial: 8250_mtk: Fix uart_get_baud_rate warning (git-fixes).
- serial: 8250_omap: Fix sleeping function called from invalid context during probe (git-fixes).
- serial: 8250_port: Do not service RX FIFO if throttled (git-fixes).
- serial: txx9: add missing platform_driver_unregister() on error in serial_txx9_init (git-fixes).
- serial: uartps: Wait for tx_empty in console setup (git-fixes).
- slimbus: core: check get_addr before removing laddr ida (git-fixes).
- slimbus: core: do not enter to clock pause mode in core (git-fixes).
- slimbus: qcom-ngd-ctrl: disable ngd in qmi server down callback (git-fixes).
- soc: fsl: qbman: Fix return value on success (git-fixes).
- spi: dw-pci: free previously allocated IRQs if desc->setup() fails (git-fixes).
- spi: fsl-espi: Only process interrupts for expected events (git-fixes).
- spi: omap2-mcspi: Improve performance waiting for CHSTAT (git-fixes).
- spi: spi-s3c64xx: Check return values (git-fixes).
- spi: spi-s3c64xx: swap s3c64xx_spi_set_cs() and s3c64xx_enable_datapath() (git-fixes).
- spi: sprd: Release DMA channel also on probe deferral (git-fixes).
- spi: stm32: Rate-limit the 'Communication suspended' message (git-fixes).
- staging: comedi: cb_pcidas: Allow 2-channel commands for AO subdevice (git-fixes).
- staging: comedi: check validity of wMaxPacketSize of usb endpoints found (git-fixes).
- staging: octeon: Drop on uncorrectable alignment or FCS error (git-fixes).
- staging: octeon: repair 'fixed-link' support (git-fixes).
- staging:r8188eu: avoid skb_clone for amsdu to msdu conversion (git-fixes).
- staging: rtl8192u: Do not use GFP_KERNEL in atomic context (git-fixes).
- SUNRPC: Revert 241b1f419f0e ('SUNRPC: Remove xdr_buf_trim()') (git-fixes).
- svcrdma: Fix page leak in svc_rdma_recv_read_chunk() (git-fixes).
- taprio: Fix allowing too small intervals (networking-stable-20_09_24).
- target-compare-and-write-backend-driver-sense-handli.patch: (bsc#1177719).
- target-rbd-add-emulate_legacy_capacity-dev-attribute.patch: (bsc#1177109).
- target-rbd-add-WRITE-SAME-support.patch: (bsc#1177090).
- target-rbd-conditionally-fix-off-by-one-bug-in-get_b.patch: (bsc#1177109).
- target-rbd-detect-stripe_unit-SCSI-block-size-misali.patch: (bsc#1177090).
- target-rbd-fix-unmap-discard-block-size-conversion.patch: (bsc#1177271).
- target-rbd-fix-unmap-handling-with-unmap_zeroes_data.patch: (bsc#1177271).
- target-rbd-support-COMPARE_AND_WRITE.patch: (bsc#1177090).
- thermal: rcar_thermal: Handle probe error gracefully (git-fixes).
- time: Prevent undefined behaviour in timespec64_to_ns() (bsc#1164648).
- tipc: fix memory leak caused by tipc_buf_append() (git-fixes).
- tipc: Fix memory leak in tipc_group_create_member() (networking-stable-20_09_24).
- tipc: fix shutdown() of connectionless socket (networking-stable-20_09_11).
- tipc: fix shutdown() of connection oriented socket (networking-stable-20_09_24).
- tipc: fix the skb_unshare() in tipc_buf_append() (git-fixes).
- tipc: fix uninit skb->data in tipc_nl_compat_dumpit() (networking-stable-20_08_24).
- tipc: use skb_unshare() instead in tipc_buf_append() (networking-stable-20_09_24).
- tracing: Check return value of __create_val_fields() before using its result (git-fixes).
- tracing: Save normal string variables (git-fixes).
- tty: ipwireless: fix error handling (git-fixes).
- tty: serial: fsl_lpuart: fix lpuart32_poll_get_char (git-fixes).
- uio: free uio id after uio file node is freed (git-fixes).
- Update config files. Enable ACPI_PCI_SLOT and HOTPLUG_PCI_ACPI (bsc#1177194).
- Update patches.suse/target-add-rbd-backend.patch: (). (simplify block to byte calculations and use consistent error paths)
- USB: adutux: fix debugging (git-fixes).
- usb: cdc-acm: add quirk to blacklist ETAS ES58X devices (git-fixes).
- usb: cdc-acm: fix cooldown mechanism (git-fixes).
- USB: cdc-acm: handle broken union descriptors (git-fixes).
- USB: cdc-wdm: Make wdm_flush() interruptible and add wdm_fsync() (git-fixes).
- usb: core: Solve race condition in anchor cleanup functions (git-fixes).
- usb: dwc2: Fix INTR OUT transfers in DDMA mode (git-fixes).
- usb: dwc2: Fix parameter type in function pointer prototype (git-fixes).
- usb: dwc3: core: add phy cleanup for probe error handling (git-fixes).
- usb: dwc3: core: do not trigger runtime pm when remove driver (git-fixes).
- usb: dwc3: ep0: Fix ZLP for OUT ep0 requests (git-fixes).
- usb: dwc3: gadget: Resume pending requests after CLEAR_STALL (git-fixes).
- usb: dwc3: Increase timeout for CmdAct cleared by device controller (git-fixes).
- usb: dwc3: pci: Allow Elkhart Lake to utilize DSM method for PM functionality (git-fixes).
- usb: dwc3: simple: add support for Hikey 970 (git-fixes).
- USB: EHCI: ehci-mv: fix error handling in mv_ehci_probe() (git-fixes).
- USB: EHCI: ehci-mv: fix less than zero comparison of an unsigned int (git-fixes).
- usb: gadget: f_ncm: allow using NCM in SuperSpeed Plus gadgets (git-fixes).
- usb: gadget: f_ncm: fix ncm_bitrate for SuperSpeed and above (git-fixes).
- USB: gadget: f_ncm: Fix NDP16 datagram validation (git-fixes).
- usb: gadget: function: printer: fix use-after-free in __lock_acquire (git-fixes).
- usb: gadget: u_ether: enable qmult on SuperSpeed Plus as well (git-fixes).
- usblp: fix race between disconnect() and read() (git-fixes).
- usb: mtu3: fix panic in mtu3_gadget_stop() (git-fixes).
- usb: ohci: Default to per-port over-current protection (git-fixes).
- USB: serial: cyberjack: fix write-URB completion race (git-fixes).
- USB: serial: ftdi_sio: add support for FreeCalypso JTAG+UART adapters (git-fixes).
- USB: serial: option: add Cellient MPL200 card (git-fixes).
- USB: serial: option: Add Telit FT980-KS composition (git-fixes).
- USB: serial: pl2303: add device-id for HP GC device (git-fixes).
- USB: serial: qcserial: fix altsetting probing (git-fixes).
- usb: typec: tcpm: During PR_SWAP, source caps should be sent only after tSwapSourceStart (git-fixes).
- usb: xhci-mtk: Fix typo (git-fixes).
- usb: xhci: omit duplicate actions when suspending a runtime suspended host (git-fixes).
- vfio/pci: Decouple PCI_COMMAND_MEMORY bit checks from is_virtfn (bsc#1176979).
- video: hyperv: hyperv_fb: Obtain screen resolution from Hyper-V host (bsc#1175306).
- video: hyperv: hyperv_fb: Support deferred IO for Hyper-V frame buffer driver (bsc#1175306).
- video: hyperv: hyperv_fb: Use physical memory for fb on HyperV Gen 1 VMs (bsc#1175306).
- virtio-net: do not disable guest csum when disable LRO (git-fixes).
- VMCI: check return value of get_user_pages_fast() for errors (git-fixes).
- vmxnet3: fix cksum offload issues for non-udp tunnels (git-fixes).
- w1: mxc_w1: Fix timeout resolution problem leading to bus error (git-fixes).
- watchdog: Fix memleak in watchdog_cdev_register (git-fixes).
- watchdog: sp5100: Fix definition of EFCH_PM_DECODEEN3 (git-fixes).
- watchdog: Use put_device on error (git-fixes).
- wcn36xx: Fix reported 802.11n rx_highest rate wcn3660/wcn3680 (git-fixes).
- wlcore: fix runtime pm imbalance in wl1271_tx_work (git-fixes).
- wlcore: fix runtime pm imbalance in wlcore_regdomain_config (git-fixes).
- writeback: Avoid skipping inode writeback (bsc#1177755).
- writeback: Fix sync livelock due to b_dirty_time processing (bsc#1177755).
- writeback: Protect inode->i_io_list with inode->i_lock (bsc#1177755).
- X.509: Add CodeSigning extended key usage parsing (bsc#1177353).
- x86/alternative: Do not call text_poke() in lazy TLB mode (bsc#1175749).
- x86/fpu: Allow multiple bits in clearcpuid= parameter (bsc#1152489).
- x86/ioapic: Unbreak check_timer() (bsc#1152489).
- x86/kexec: Use up-to-dated screen_info copy to fill boot params (bsc#1175306).
- x86/{mce,mm}: Unmap the entire page if the whole page is affected and poisoned (bsc#1177765).
- x86/mm: unencrypted non-blocking DMA allocations use coherent pools (bsc#1175898, ECO-2743).
- x86/unwind/orc: Fix inactive tasks with stack pointer in %sp on GCC 10 compiled kernels (bsc#1176907).
- x86/xen: disable Firmware First mode for correctable memory errors (bsc#1176713).
- xen/blkback: use lateeoi irq binding (XSA-332 bsc#1177411).
- xen/events: add a new 'late EOI' evtchn framework (XSA-332 bsc#1177411).
- xen/events: add a proper barrier to 2-level uevent unmasking (XSA-332 bsc#1177411).
- xen/events: avoid removing an event channel while handling it (XSA-331 bsc#1177410).
- xen/events: block rogue events for some time (XSA-332 bsc#1177411).
- xen/events: defer eoi in case of excessive number of events (XSA-332 bsc#1177411).
- xen/events: do not use chip_data for legacy IRQs (bsc#1065600).
- xen/events: fix race in evtchn_fifo_unmask() (XSA-332 bsc#1177411).
- xen/events: switch user event channels to lateeoi model (XSA-332 bsc#1177411).
- xen/events: use a common cpu hotplug hook for event channels (XSA-332 bsc#1177411).
- xen/gntdev.c: Mark pages as dirty (bsc#1065600).
- xen/netback: use lateeoi irq binding (XSA-332 bsc#1177411).
- xen/pciback: use lateeoi irq binding (XSA-332 bsc#1177411).
- xen/pvcallsback: use lateeoi irq binding (XSA-332 bsc#1177411).
- xen/scsiback: use lateeoi irq binding (XSA-332 bsc#1177411).
- xfs: complain if anyone tries to create a too-large buffer log item (bsc#1166146).
- xfs: do not update mtime on COW faults (bsc#1167030).
- xfs: fix high key handling in the rt allocator's query_range function (git-fixes).
- xfs: fix scrub flagging rtinherit even if there is no rt device (git-fixes).
- xfs: fix xfs_bmap_validate_extent_raw when checking attr fork of rt files (git-fixes).
- xfs: flush new eof page on truncate to avoid post-eof corruption (git-fixes).
- xfs: force the log after remapping a synchronous-writes file (git-fixes).
- xfs: introduce XFS_MAX_FILEOFF (bsc#1166166).
- xfs: limit entries returned when counting fsmap records (git-fixes).
- xfs: remove unused variable 'done' (bsc#1166166).
- xfs: set xefi_discard when creating a deferred agfl free log intent item (git-fixes).
- xfs: truncate should remove all blocks, not just to the end of the page cache (bsc#1166166).
- xhci: do not create endpoint debugfs entry before ring buffer is set (git-fixes).
- xprtrdma: fix incorrect header size calculations (git-fixes).
- yam: fix possible memory leak in yam_init_driver (git-fixes).
Patchnames: openSUSE-2020-2112
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.4 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.8 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.4 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.7 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.5 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.2 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.4 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.1 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
183 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\n\nThe openSUSE Leap 15.2 kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2020-12351: Fixed a type confusion while processing AMP packets aka \u0027BleedingTooth\u0027 aka \u0027BadKarma\u0027 (bsc#1177724).\n- CVE-2020-24490: Fixed a heap buffer overflow when processing extended advertising report events aka \u0027BleedingTooth\u0027 aka \u0027BadVibes\u0027 (bsc#1177726).\n- CVE-2020-12352: Fixed an information leak when processing certain AMP packets aka \u0027BleedingTooth\u0027 aka \u0027BadChoice\u0027 (bsc#1177725).\n- CVE-2020-25212: A TOCTOU mismatch in the NFS client code in the Linux kernel could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c, aka CID-b4487b935452 (bnc#1176381).\n- CVE-2020-25645: Traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by the GENEVE tunnel allowing anyone between the two endpoints to read the traffic unencrypted. The main threat from this vulnerability is to data confidentiality (bnc#1177511).\n- CVE-2020-25643: Memory corruption and a read overflow is caused by improper input validation in the ppp_cp_parse_cr function which can cause the system to crash or cause a denial of service. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability (bnc#1177206).\n- CVE-2020-25641: A zero-length biovec request issued by the block subsystem could cause the kernel to enter an infinite loop, causing a denial of service. This flaw allowed a local attacker with basic privileges to issue requests to a block device, resulting in a denial of service. The highest threat from this vulnerability is to system availability (bnc#1177121).\n- CVE-2020-25704: Fixed a memory leak in perf_event_parse_addr_filter() (bsc#1178393).\n- CVE-2020-25668: Make FONTX ioctl use the tty pointer they were actually passed (bsc#1178123).\n- CVE-2020-25656: Extend func_buf_lock to readers (bnc#1177766).\n- CVE-2020-25285: Fixed a race condition between hugetlb sysctl handlers in mm/hugetlb.c in the Linux kernel could be used by local attackers to corrupt memory, cause a NULL pointer dereference, or possibly have unspecified other impact, aka CID-17743798d812 (bnc#1176485).\n- CVE-2020-14351: Fixed race in the perf_mmap_close() function (bsc#1177086).\n- CVE-2020-8694: Restrict energy meter to root access (bsc#1170415).\n- CVE-2020-16120: Check permission to open real file in overlayfs (bsc#1177470).\n- CVE-2020-25705: A ICMP global rate limiting side-channel was removed which could lead to e.g. the SADDNS attack (bsc#1175721)\n\nThe following non-security bugs were fixed:\n\n- 9p: Fix memory leak in v9fs_mount (git-fixes).\n- ACPI: Always build evged in (git-fixes).\n- ACPI: button: fix handling lid state changes when input device closed (git-fixes).\n- ACPI: configfs: Add missing config_item_put() to fix refcount leak (git-fixes).\n- acpi-cpufreq: Honor _PSD table setting on new AMD CPUs (git-fixes).\n- ACPI: debug: do not allow debugging when ACPI is disabled (git-fixes).\n- ACPI: EC: Reference count query handlers under lock (git-fixes).\n- ACPI / extlog: Check for RDMSR failure (git-fixes).\n- ACPI: video: use ACPI backlight for HP 635 Notebook (git-fixes).\n- act_ife: load meta modules before tcf_idr_check_alloc() (networking-stable-20_09_24).\n- Add CONFIG_CHECK_CODESIGN_EKU\n- airo: Fix read overflows sending packets (git-fixes).\n- ALSA: ac97: (cosmetic) align argument names (git-fixes).\n- ALSA: aoa: i2sbus: use DECLARE_COMPLETION_ONSTACK() macro (git-fixes).\n- ALSA: asihpi: fix spellint typo in comments (git-fixes).\n- ALSA: atmel: ac97: clarify operator precedence (git-fixes).\n- ALSA: bebob: potential info leak in hwdep_read() (git-fixes).\n- ALSA: compress_offload: remove redundant initialization (git-fixes).\n- ALSA: core: init: use DECLARE_COMPLETION_ONSTACK() macro (git-fixes).\n- ALSA: core: pcm: simplify locking for timers (git-fixes).\n- ALSA: core: timer: clarify operator precedence (git-fixes).\n- ALSA: core: timer: remove redundant assignment (git-fixes).\n- ALSA: ctl: Workaround for lockdep warning wrt card-\u003ectl_files_rwlock (git-fixes).\n- ALSA: fireworks: use semicolons rather than commas to separate statements (git-fixes).\n- ALSA: fix kernel-doc markups (git-fixes).\n- ALSA: hda: auto_parser: remove shadowed variable declaration (git-fixes).\n- ALSA: hda: (cosmetic) align function parameters (git-fixes).\n- ALSA: hda - Do not register a cb func if it is registered already (git-fixes).\n- ALSA: hda - Fix the return value if cb func is already registered (git-fixes).\n- ALSA: hda/hdmi: fix incorrect locking in hdmi_pcm_close (git-fixes).\n- ALSA: hda: prevent undefined shift in snd_hdac_ext_bus_get_link() (git-fixes).\n- ALSA: hda/realtek - Add mute Led support for HP Elitebook 845 G7 (git-fixes).\n- ALSA: hda/realtek: Enable audio jacks of ASUS D700SA with ALC887 (git-fixes).\n- ALSA: hda/realtek - Enable headphone for ASUS TM420 (git-fixes).\n- ALSA: hda/realtek - Fixed HP headset Mic can\u0027t be detected (git-fixes).\n- ALSA: hda/realtek - set mic to auto detect on a HP AIO machine (git-fixes).\n- ALSA: hda/realtek - The front Mic on a HP machine does not work (git-fixes).\n- ALSA: hda: use semicolons rather than commas to separate statements (git-fixes).\n- ALSA: hdspm: Fix typo arbitary (git-fixes).\n- ALSA: mixart: Correct comment wrt obsoleted tasklet usage (git-fixes).\n- ALSA: portman2x4: fix repeated word \u0027if\u0027 (git-fixes).\n- ALSA: rawmidi: (cosmetic) align function parameters (git-fixes).\n- ALSA: seq: oss: Avoid mutex lock for a long-time ioctl (git-fixes).\n- ALSA: sparc: dbri: fix repeated word \u0027the\u0027 (git-fixes).\n- ALSA: usb-audio: Add implicit feedback quirk for MODX (git-fixes).\n- ALSA: usb-audio: Add implicit feedback quirk for Qu-16 (git-fixes).\n- ALSA: usb-audio: Add implicit feedback quirk for Zoom UAC-2 (git-fixes).\n- ALSA: usb-audio: Add mixer support for Pioneer DJ DJM-250MK2 (git-fixes).\n- ALSA: usb-audio: add usb vendor id as DSD-capable for Khadas devices (git-fixes).\n- ALSA: usb-audio: endpoint.c: fix repeated word \u0027there\u0027 (git-fixes).\n- ALSA: usb-audio: fix spelling mistake \u0027Frequence\u0027 -\u003e \u0027Frequency\u0027 (git-fixes).\n- ALSA: usb-audio: Line6 Pod Go interface requires static clock rate quirk (git-fixes).\n- ALSA: usb: scarless_gen2: fix endianness issue (git-fixes).\n- ALSA: vx: vx_core: clarify operator precedence (git-fixes).\n- ALSA: vx: vx_pcm: remove redundant assignment (git-fixes).\n- ar5523: Add USB ID of SMCWUSBT-G2 wireless adapter (git-fixes).\n- arm64: Enable PCI write-combine resources under sysfs (bsc#1175807).\n- ASoC: codecs: wcd9335: Set digital gain range correctly (git-fixes).\n- ASoC: cs42l51: manage mclk shutdown delay (git-fixes).\n- ASoC: fsl: imx-es8328: add missing put_device() call in imx_es8328_probe() (git-fixes).\n- ASoC: fsl_sai: Instantiate snd_soc_dai_driver (git-fixes).\n- ASoC: img-i2s-out: Fix runtime PM imbalance on error (git-fixes).\n- ASoC: Intel: bytcr_rt5640: Add quirk for MPMAN Converter9 2-in-1 (git-fixes).\n- ASoC: Intel: kbl_rt5663_max98927: Fix kabylake_ssp_fixup function (git-fixes).\n- ASoC: kirkwood: fix IRQ error handling (git-fixes).\n- ASoC: qcom: lpass-cpu: fix concurrency issue (git-fixes).\n- ASoC: qcom: lpass-platform: fix memory leak (git-fixes).\n- ASoC: qcom: sdm845: set driver name correctly (git-fixes).\n- ASoC: sun50i-codec-analog: Fix duplicate use of ADC enable bits (git-fixes).\n- ASoC: tlv320aic32x4: Fix bdiv clock rate derivation (git-fixes).\n- ASoC: wm8994: Ensure the device is resumed in wm89xx_mic_detect functions (git-fixes).\n- ASoC: wm8994: Skip setting of the WM8994_MICBIAS register for WM1811 (git-fixes).\n- ata: ahci: mvebu: Make SATA PHY optional for Armada 3720 (git-fixes).\n- ata: sata_rcar: Fix DMA boundary mask (git-fixes).\n- ath10k: check idx validity in __ath10k_htt_rx_ring_fill_n() (git-fixes).\n- ath10k: fix array out-of-bounds access (git-fixes).\n- ath10k: fix memory leak for tpc_stats_final (git-fixes).\n- ath10k: Fix the size used in a \u0027dma_free_coherent()\u0027 call in an error handling path (git-fixes).\n- ath10k: fix VHT NSS calculation when STBC is enabled (git-fixes).\n- ath10k: provide survey info as accumulated data (git-fixes).\n- ath10k: start recovery process when payload length exceeds max htc length for sdio (git-fixes).\n- ath10k: use kzalloc to read for ath10k_sdio_hif_diag_read (git-fixes).\n- ath6kl: prevent potential array overflow in ath6kl_add_new_sta() (git-fixes).\n- ath6kl: wmi: prevent a shift wrapping bug in ath6kl_wmi_delete_pstream_cmd() (git-fixes).\n- ath9k: Fix potential out of bounds in ath9k_htc_txcompletion_cb() (git-fixes).\n- ath9k: hif_usb: fix race condition between usb_get_urb() and usb_kill_anchored_urbs() (git-fixes).\n- ath9k_htc: Use appropriate rs_datalen type (git-fixes).\n- backlight: sky81452-backlight: Fix refcount imbalance on error (git-fixes).\n- blk-mq: order adding requests to hctx-\u003edispatch and checking SCHED_RESTART (bsc#1177750).\n- block: ensure bdi-\u003eio_pages is always initialized (bsc#1177749).\n- block: Fix page_is_mergeable() for compound pages (bsc#1177814).\n- block: Set same_page to false in __bio_try_merge_page if ret is false (git-fixes).\n- Bluetooth: btusb: Fix memleak in btusb_mtk_submit_wmt_recv_urb (git-fixes).\n- Bluetooth: Fix refcount use-after-free issue (git-fixes).\n- Bluetooth: guard against controllers sending zero\u0027d events (git-fixes).\n- Bluetooth: Handle Inquiry Cancel error after Inquiry Complete (git-fixes).\n- Bluetooth: hci_uart: Cancel init work before unregistering (git-fixes).\n- Bluetooth: L2CAP: handle l2cap config request during open state (git-fixes).\n- Bluetooth: MGMT: Fix not checking if BT_HS is enabled (git-fixes).\n- Bluetooth: Only mark socket zapped after unlocking (git-fixes).\n- Bluetooth: prefetch channel before killing sock (git-fixes).\n- bnxt_en: Protect bnxt_set_eee() and bnxt_set_pauseparam() with mutex (git-fixes).\n- bonding: show saner speed for broadcast mode (networking-stable-20_08_24).\n- brcm80211: fix possible memleak in brcmf_proto_msgbuf_attach (git-fixes).\n- brcmfmac: check ndev pointer (git-fixes).\n- brcmfmac: Fix double freeing in the fmac usb data path (git-fixes).\n- brcmsmac: fix memory leak in wlc_phy_attach_lcnphy (git-fixes).\n- btrfs: Account for merged patches upstream Move below patches to sorted section.\n- btrfs: add owner and fs_info to alloc_state io_tree (bsc#1177854).\n- btrfs: allocate scrub workqueues outside of locks (bsc#1178183).\n- btrfs: block-group: do not set the wrong READA flag for btrfs_read_block_groups() (bsc#1176019).\n- btrfs: block-group: fix free-space bitmap threshold (bsc#1176019).\n- btrfs: block-group: refactor how we delete one block group item (bsc#1176019).\n- btrfs: block-group: refactor how we insert a block group item (bsc#1176019).\n- btrfs: block-group: refactor how we read one block group item (bsc#1176019).\n- btrfs: block-group: rename write_one_cache_group() (bsc#1176019).\n- btrfs: check the right error variable in btrfs_del_dir_entries_in_log (bsc#1177687).\n- btrfs: cleanup cow block on error (bsc#1178584).\n- btrfs: do not force read-only after error in drop snapshot (bsc#1176354).\n- btrfs: do not set the full sync flag on the inode during page release (bsc#1177687).\n- btrfs: do not take an extra root ref at allocation time (bsc#1176019).\n- btrfs: drop logs when we\u0027ve aborted a transaction (bsc#1176019).\n- btrfs: drop path before adding new uuid tree entry (bsc#1178176).\n- btrfs: fix a race between scrub and block group removal/allocation (bsc#1176019).\n- Btrfs: fix crash during unmount due to race with delayed inode workers (bsc#1176019).\n- btrfs: fix filesystem corruption after a device replace (bsc#1178395).\n- btrfs: fix NULL pointer dereference after failure to create snapshot (bsc#1178190).\n- btrfs: fix overflow when copying corrupt csums for a message (bsc#1178191).\n- btrfs: fix race between page release and a fast fsync (bsc#1177687).\n- btrfs: fix space cache memory leak after transaction abort (bsc#1178173).\n- btrfs: free block groups after free\u0027ing fs trees (bsc#1176019).\n- btrfs: hold a ref on the root on the dead roots list (bsc#1176019).\n- btrfs: kill the subvol_srcu (bsc#1176019).\n- btrfs: make btrfs_cleanup_fs_roots use the radix tree lock (bsc#1176019).\n- btrfs: make inodes hold a ref on their roots (bsc#1176019).\n- btrfs: make the extent buffer leak check per fs info (bsc#1176019).\n- btrfs: move btrfs_rm_dev_replace_free_srcdev outside of all locks (bsc#1178395).\n- btrfs: move btrfs_scratch_superblocks into btrfs_dev_replace_finishing (bsc#1178395).\n- btrfs: move ino_cache_inode dropping out of btrfs_free_fs_root (bsc#1176019).\n- btrfs: move the block group freeze/unfreeze helpers into block-group.c (bsc#1176019).\n- btrfs: move the root freeing stuff into btrfs_put_root (bsc#1176019).\n- btrfs: only commit delayed items at fsync if we are logging a directory (bsc#1177687).\n- btrfs: only commit the delayed inode when doing a full fsync (bsc#1177687).\n- btrfs: qgroup: fix qgroup meta rsv leak for subvolume operations (bsc#1177856).\n- btrfs: qgroup: fix wrong qgroup metadata reserve for delayed inode (bsc#1177855).\n- btrfs: reduce contention on log trees when logging checksums (bsc#1177687).\n- btrfs: release old extent maps during page release (bsc#1177687).\n- btrfs: remove no longer necessary chunk mutex locking cases (bsc#1176019).\n- btrfs: remove no longer needed use of log_writers for the log root tree (bsc#1177687).\n- btrfs: rename member \u0027trimming\u0027 of block group to a more generic name (bsc#1176019).\n- btrfs: reschedule if necessary when logging directory items (bsc#1178585).\n- btrfs: scrub, only lookup for csums if we are dealing with a data extent (bsc#1176019).\n- btrfs: send, orphanize first all conflicting inodes when processing references (bsc#1178579).\n- btrfs: send, recompute reference path after orphanization of a directory (bsc#1178581).\n- btrfs: set the correct lockdep class for new nodes (bsc#1178184).\n- btrfs: set the lockdep class for log tree extent buffers (bsc#1178186).\n- btrfs: stop incremening log_batch for the log root tree when syncing log (bsc#1177687).\n- btrfs: tree-checker: fix false alert caused by legacy btrfs root item (bsc#1177861).\n- bus: hisi_lpc: Fixup IO ports addresses to avoid use-after-free in host removal (git-fixes).\n- can: can_create_echo_skb(): fix echo skb generation: always use skb_clone() (git-fixes).\n- can: c_can: reg_map_{c,d}_can: mark as __maybe_unused (git-fixes).\n- can: dev: __can_get_echo_skb(): fix real payload length return value for RTR frames (git-fixes).\n- can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ context (git-fixes).\n- can: flexcan: flexcan_chip_stop(): add error handling and propagate error value (git-fixes).\n- can: flexcan: flexcan_remove(): disable wakeup completely (git-fixes).\n- can: flexcan: remove ack_grp and ack_bit handling from driver (git-fixes).\n- can: flexcan: remove FLEXCAN_QUIRK_DISABLE_MECR quirk for LS1021A (git-fixes).\n- can: peak_canfd: pucan_handle_can_rx(): fix echo management when loopback is on (git-fixes).\n- can: peak_usb: add range checking in decode operations (git-fixes).\n- can: peak_usb: peak_usb_get_ts_time(): fix timestamp wrapping (git-fixes).\n- can: rx-offload: do not call kfree_skb() from IRQ context (git-fixes).\n- can: softing: softing_card_shutdown(): add braces around empty body in an \u0027if\u0027 statement (git-fixes).\n- ceph: promote to unsigned long long before shifting (bsc#1178175).\n- clk: at91: clk-main: update key before writing AT91_CKGR_MOR (git-fixes).\n- clk: at91: remove the checking of parent_name (git-fixes).\n- clk: bcm2835: add missing release if devm_clk_hw_register fails (git-fixes).\n- clk: imx8mq: Fix usdhc parents order (git-fixes).\n- clk: keystone: sci-clk: fix parsing assigned-clock data during probe (git-fixes).\n- clk: meson: g12a: mark fclk_div2 as critical (git-fixes).\n- clk: qcom: gcc-sdm660: Fix wrong parent_map (git-fixes).\n- clk: samsung: exynos4: mark \u0027chipid\u0027 clock as CLK_IGNORE_UNUSED (git-fixes).\n- clk: socfpga: stratix10: fix the divider for the emac_ptp_free_clk (git-fixes).\n- clk: tegra: Always program PLL_E when enabled (git-fixes).\n- clk/ti/adpll: allocate room for terminating null (git-fixes).\n- clocksource/drivers/h8300_timer8: Fix wrong return value in h8300_8timer_init() (git-fixes).\n- clocksource/drivers/timer-gx6605s: Fixup counter reload (git-fixes).\n- cpuidle: Poll for a minimum of 30ns and poll for a tick if lower c-states are disabled (bnc#1176588).\n- create Storage / NVMe subsection\n- crypto: algif_aead - Do not set MAY_BACKLOG on the async path (git-fixes).\n- crypto: algif_skcipher - EBUSY on aio should be an error (git-fixes).\n- crypto: bcm - Verify GCM/CCM key length in setkey (git-fixes).\n- crypto: ccp - fix error handling (git-fixes).\n- crypto: dh - check validity of Z before export (bsc#1175718).\n- crypto: dh - SP800-56A rev 3 local public key validation (bsc#1175718).\n- crypto: ecc - SP800-56A rev 3 local public key validation (bsc#1175718).\n- crypto: ecdh - check validity of Z before export (bsc#1175718).\n- crypto: ixp4xx - Fix the size used in a \u0027dma_free_coherent()\u0027 call (git-fixes).\n- crypto: mediatek - Fix wrong return value in mtk_desc_ring_alloc() (git-fixes).\n- crypto: omap-sham - fix digcnt register handling with export/import (git-fixes).\n- crypto: picoxcell - Fix potential race condition bug (git-fixes).\n- crypto: qat - check cipher length for aead AES-CBC-HMAC-SHA (git-fixes).\n- cxgb4: fix memory leak during module unload (networking-stable-20_09_24).\n- cxgb4: Fix offset when clearing filter byte counters (networking-stable-20_09_24).\n- cxl: Rework error message for incompatible slots (bsc#1055014 git-fixes).\n- cypto: mediatek - fix leaks in mtk_desc_ring_alloc (git-fixes).\n- dax: Fix compilation for CONFIG_DAX \u0026\u0026 !CONFIG_FS_DAX (bsc#1177817).\n- Disable module compression on SLE15 SP2 (bsc#1178307)\n- dma-direct: add missing set_memory_decrypted() for coherent mapping (bsc#1175898, ECO-2743).\n- dma-direct: always align allocation size in dma_direct_alloc_pages() (bsc#1175898, ECO-2743).\n- dma-direct: atomic allocations must come from atomic coherent pools (bsc#1175898, ECO-2743).\n- dma-direct: check return value when encrypting or decrypting memory (bsc#1175898, ECO-2743).\n- dma-direct: consolidate the error handling in dma_direct_alloc_pages (bsc#1175898, ECO-2743).\n- dma-direct: make uncached_kernel_address more general (bsc#1175898, ECO-2743).\n- dma-direct: provide function to check physical memory area validity (bsc#1175898, ECO-2743).\n- dma-direct: provide mmap and get_sgtable method overrides (bsc#1175898, ECO-2743).\n- dma-direct: re-encrypt memory if dma_direct_alloc_pages() fails (bsc#1175898, ECO-2743).\n- dma-direct: remove __dma_direct_free_pages (bsc#1175898, ECO-2743).\n- dma-direct: remove the dma_handle argument to __dma_direct_alloc_pages (bsc#1175898, ECO-2743).\n- dmaengine: dma-jz4780: Fix race in jz4780_dma_tx_status (git-fixes).\n- dmaengine: dmatest: Check list for emptiness before access its last entry (git-fixes).\n- dmaengine: dw: Activate FIFO-mode for memory peripherals only (git-fixes).\n- dmaengine: mediatek: hsdma_probe: fixed a memory leak when devm_request_irq fails (git-fixes).\n- dmaengine: stm32-dma: use vchan_terminate_vdesc() in .terminate_all (git-fixes).\n- dmaengine: stm32-mdma: use vchan_terminate_vdesc() in .terminate_all (git-fixes).\n- dmaengine: tegra-apb: Prevent race conditions on channel\u0027s freeing (git-fixes).\n- dmaengine: zynqmp_dma: fix burst length configuration (git-fixes).\n- dma-fence: Serialise signal enabling (dma_fence_enable_sw_signaling) (git-fixes).\n- dma-mapping: add a dma_can_mmap helper (bsc#1175898, ECO-2743).\n- dma-mapping: always use VM_DMA_COHERENT for generic DMA remap (bsc#1175898, ECO-2743).\n- dma-mapping: DMA_COHERENT_POOL should select GENERIC_ALLOCATOR (bsc#1175898, ECO-2743).\n- dma-mapping: make dma_atomic_pool_init self-contained (bsc#1175898, ECO-2743).\n- dma-mapping: merge the generic remapping helpers into dma-direct (bsc#1175898, ECO-2743).\n- dma-mapping: remove arch_dma_mmap_pgprot (bsc#1175898, ECO-2743).\n- dma-mapping: warn when coherent pool is depleted (bsc#1175898, ECO-2743).\n- dma-pool: add additional coherent pools to map to gfp mask (bsc#1175898, ECO-2743).\n- dma-pool: add pool sizes to debugfs (bsc#1175898, ECO-2743).\n- dma-pool: decouple DMA_REMAP from DMA_COHERENT_POOL (bsc#1175898, ECO-2743).\n- dma-pool: do not allocate pool memory from CMA (bsc#1175898, ECO-2743).\n- dma-pool: dynamically expanding atomic pools (bsc#1175898, ECO-2743).\n- dma-pool: Fix an uninitialized variable bug in atomic_pool_expand() (bsc#1175898, ECO-2743).\n- dma-pool: fix coherent pool allocations for IOMMU mappings (bsc#1175898, ECO-2743).\n- dma-pool: fix too large DMA pools on medium memory size systems (bsc#1175898, ECO-2743).\n- dma-pool: get rid of dma_in_atomic_pool() (bsc#1175898, ECO-2743).\n- dma-pool: introduce dma_guess_pool() (bsc#1175898, ECO-2743).\n- dma-pool: make sure atomic pool suits device (bsc#1175898, ECO-2743).\n- dma-pool: Only allocate from CMA when in same memory zone (bsc#1175898, ECO-2743).\n- dma-pool: scale the default DMA coherent pool size with memory capacity (bsc#1175898, ECO-2743).\n- dma-remap: separate DMA atomic pools from direct remap code (bsc#1175898, ECO-2743).\n- dm: Call proper helper to determine dax support (bsc#1177817).\n- dm/dax: Fix table reference counts (bsc#1178246).\n- docs: driver-api: remove a duplicated index entry (git-fixes).\n- drivers: char: tlclk.c: Avoid data race between init and interrupt handler (git-fixes).\n- drivers: watchdog: rdc321x_wdt: Fix race condition bugs (git-fixes).\n- drm/amdgpu: restore proper ref count in amdgpu_display_crtc_set_config (git-fixes).\n- drm/radeon: revert \u0027Prefer lower feedback dividers\u0027 (bsc#1177384).\n- drop Storage / bsc#1171688 subsection No effect on expanded tree.\n- e1000: Do not perform reset in reset_task if we are already down (git-fixes).\n- EDAC/i5100: Fix error handling order in i5100_init_one() (bsc#1152489).\n- eeprom: at25: set minimum read/write access stride to 1 (git-fixes).\n- exfat: fix name_hash computation on big endian systems (git-fixes).\n- exfat: fix overflow issue in exfat_cluster_to_sector() (git-fixes).\n- exfat: fix possible memory leak in exfat_find() (git-fixes).\n- exfat: fix use of uninitialized spinlock on error path (git-fixes).\n- exfat: fix wrong hint_stat initialization in exfat_find_dir_entry() (git-fixes).\n- exfat: fix wrong size update of stream entry by typo (git-fixes).\n- extcon: ptn5150: Fix usage of atomic GPIO with sleeping GPIO chips (git-fixes).\n- ftrace: Move RCU is watching check after recursion check (git-fixes).\n- fuse: do not ignore errors from fuse_writepages_fill() (bsc#1177193).\n- futex: Adjust absolute futex timeouts with per time namespace offset (bsc#1164648).\n- futex: Consistently use fshared as boolean (bsc#1149032).\n- futex: Fix incorrect should_fail_futex() handling (bsc#1149032).\n- futex: Remove put_futex_key() (bsc#1149032).\n- futex: Remove unused or redundant includes (bsc#1149032).\n- gpio: mockup: fix resource leak in error path (git-fixes).\n- gpio: rcar: Fix runtime PM imbalance on error (git-fixes).\n- gpio: siox: explicitly support only threaded irqs (git-fixes).\n- gpio: sprd: Clear interrupt when setting the type as edge (git-fixes).\n- gpio: tc35894: fix up tc35894 interrupt configuration (git-fixes).\n- gre6: Fix reception with IP6_TNL_F_RCV_DSCP_COPY (networking-stable-20_08_24).\n- gtp: add GTPA_LINK info to msg sent to userspace (networking-stable-20_09_11).\n- HID: hid-input: fix stylus battery reporting (git-fixes).\n- HID: ite: Add USB id match for Acer One S1003 keyboard dock (git-fixes).\n- HID: roccat: add bounds checking in kone_sysfs_write_settings() (git-fixes).\n- HID: wacom: Avoid entering wacom_wac_pen_report for pad / battery (git-fixes).\n- hwmon: (applesmc) check status earlier (git-fixes).\n- hwmon: (mlxreg-fan) Fix double \u0027Mellanox\u0027 (git-fixes).\n- hwmon: (pmbus/max34440) Fix status register reads for MAX344{51,60,61} (git-fixes).\n- hyperv_fb: Update screen_info after removing old framebuffer (bsc#1175306).\n- i2c: aspeed: Mask IRQ status to relevant bits (git-fixes).\n- i2c: core: Call i2c_acpi_install_space_handler() before i2c_acpi_register_devices() (git-fixes).\n- i2c: core: Restore acpi_walk_dep_device_list() getting called after registering the ACPI i2c devs (git-fixes).\n- i2c: cpm: Fix i2c_ram structure (git-fixes).\n- i2c: i801: Exclude device from suspend direct complete optimization (git-fixes).\n- i2c: imx: Fix external abort on interrupt in exit paths (git-fixes).\n- i2c: meson: fix clock setting overwrite (git-fixes).\n- i2c: meson: fixup rate calculation with filter delay (git-fixes).\n- i2c: owl: Clear NACK and BUS error bits (git-fixes).\n- i2c: rcar: Auto select RESET_CONTROLLER (git-fixes).\n- i2c: tegra: Prevent interrupt triggering after transfer timeout (git-fixes).\n- i2c: tegra: Restore pinmux on system resume (git-fixes).\n- i3c: master add i3c_master_attach_boardinfo to preserve boardinfo (git-fixes).\n- i3c: master: Fix error return in cdns_i3c_master_probe() (git-fixes).\n- ibmveth: Identify ingress large send packets (bsc#1178185 ltc#188897).\n- ibmveth: Switch order of ibmveth_helper calls (bsc#1061843 git-fixes).\n- ibmvnic: fix ibmvnic_set_mac (bsc#1066382 ltc#160943 git-fixes).\n- ibmvnic: save changed mac address to adapter-\u003emac_addr (bsc#1134760 ltc#177449 git-fixes).\n- ibmvnic: set up 200GBPS speed (bsc#1129923 git-fixes).\n- icmp: randomize the global rate limiter (git-fixes).\n- ida: Free allocated bitmap in error path (git-fixes).\n- ieee802154/adf7242: check status of adf7242_read_reg (git-fixes).\n- ieee802154: fix one possible memleak in ca8210_dev_com_init (git-fixes).\n- iio:accel:bma180: Fix use of true when should be iio_shared_by enum (git-fixes).\n- iio: adc: gyroadc: fix leak of device node iterator (git-fixes).\n- iio: adc: qcom-spmi-adc5: fix driver name (git-fixes).\n- iio: adc: stm32-adc: fix runtime autosuspend delay when slow polling (git-fixes).\n- iio:adc:ti-adc0832 Fix alignment issue with timestamp (git-fixes).\n- iio:adc:ti-adc12138 Fix alignment issue with timestamp (git-fixes).\n- iio:dac:ad5592r: Fix use of true for IIO_SHARED_BY_TYPE (git-fixes).\n- iio:gyro:itg3200: Fix timestamp alignment and prevent data leak (git-fixes).\n- iio:light:si1145: Fix timestamp alignment and prevent data leak (git-fixes).\n- iio:magn:hmc5843: Fix passing true where iio_shared_by enum required (git-fixes).\n- ima: Do not ignore errors from crypto_shash_update() (git-fixes).\n- ima: extend boot_aggregate with kernel measurements (bsc#1177617).\n- ima: Remove semicolon at the end of ima_get_binary_runtime_size() (git-fixes).\n- Input: ati_remote2 - add missing newlines when printing module parameters (git-fixes).\n- Input: ep93xx_keypad - fix handling of platform_get_irq() error (git-fixes).\n- Input: i8042 - add nopnp quirk for Acer Aspire 5 A515 (bsc#954532).\n- Input: imx6ul_tsc - clean up some errors in imx6ul_tsc_resume() (git-fixes).\n- Input: omap4-keypad - fix handling of platform_get_irq() error (git-fixes).\n- Input: stmfts - fix a \u0026 vs \u0026\u0026 typo (git-fixes).\n- Input: sun4i-ps2 - fix handling of platform_get_irq() error (git-fixes).\n- Input: trackpoint - enable Synaptics trackpoints (git-fixes).\n- Input: twl4030_keypad - fix handling of platform_get_irq() error (git-fixes).\n- iomap: Make sure iomap_end is called after iomap_begin (bsc#1177754).\n- iommu/amd: Fix IOMMU AVIC not properly update the is_run bit in IRTE (bsc#1177297).\n- iommu/amd: Fix potential @entry null deref (bsc#1177283).\n- iommu/amd: Re-factor guest virtual APIC (de-)activation code (bsc#1177284).\n- iommu/amd: Restore IRTE.RemapEn bit for amd_iommu_activate_guest_mode (bsc#1177285).\n- iommu/exynos: add missing put_device() call in exynos_iommu_of_xlate() (bsc#1177286).\n- iommu/vt-d: Correctly calculate agaw in domain_init() (bsc#1176400).\n- iommu/vt-d: Gracefully handle DMAR units with no supported address widths (bsc#1177739).\n- ip: fix tos reflection in ack and reset packets (networking-stable-20_09_24).\n- ipmi_si: Fix wrong return value in try_smi_init() (git-fixes).\n- ipv4: Initialize flowi4_multipath_hash in data path (networking-stable-20_09_24).\n- ipv4: Restore flowi4_oif update before call to xfrm_lookup_route (git-fixes).\n- ipv4: Update exception handling for multipath routes via same device (networking-stable-20_09_24).\n- ipv6: avoid lockdep issue in fib6_del() (networking-stable-20_09_24).\n- ipv6: Fix sysctl max for fib_multipath_hash_policy (networking-stable-20_09_11).\n- ipvlan: fix device features (networking-stable-20_08_24).\n- iwlwifi: mvm: split a print to avoid a WARNING in ROC (git-fixes).\n- kabi fix for NFS: Fix flexfiles read failover (git-fixes).\n- kABI: Fix kABI after add CodeSigning extended key usage (bsc#1177353).\n- kABI: Fix kABI for 12856e7acde4 PCI/IOV: Mark VFs as not implementing PCI_COMMAND_MEMORY (bsc#1176979).\n- kabi/severities: ignore kABI for target_core_rbd Match behaviour for all other Ceph specific modules.\n- kallsyms: Refactor kallsyms_show_value() to take cred (git-fixes).\n- kbuild: enforce -Werror=return-type (bsc#1177281).\n- kernel-binary.spec.in: Exclude .config.old from kernel-devel - use tar excludes for .kernel-binary.spec.buildenv\n- kernel-binary.spec.in: Package the obj_install_dir as explicit filelist.\n- KVM: x86/mmu: Commit zap of remaining invalid pages when recovering lpages (git-fixes).\n- leds: bcm6328, bcm6358: use devres LED registering function (git-fixes).\n- leds: mlxreg: Fix possible buffer overflow (git-fixes).\n- leds: mt6323: move period calculation (git-fixes).\n- libceph-add-support-for-CMPEXT-compare-extent-reques.patch: (bsc#1177090).\n- libceph: clear con-\u003eout_msg on Policy::stateful_server faults (bsc#1178177).\n- lib/crc32.c: fix trivial typo in preprocessor condition (git-fixes).\n- lib/mpi: Add mpi_sub_ui() (bsc#1175718).\n- locking/rwsem: Disable reader optimistic spinning (bnc#1176588).\n- mac80211: do not allow bigger VHT MPDUs than the hardware supports (git-fixes).\n- mac80211: handle lack of sband-\u003ebitrates in rates (git-fixes).\n- mac80211: skip mpath lookup also for control port tx (git-fixes).\n- mac802154: tx: fix use-after-free (git-fixes).\n- macsec: avoid use-after-free in macsec_handle_frame() (git-fixes).\n- mailbox: avoid timer start from callback (git-fixes).\n- media: ati_remote: sanity check for both endpoints (git-fixes).\n- media: bdisp: Fix runtime PM imbalance on error (git-fixes).\n- media: camss: Fix a reference count leak (git-fixes).\n- media: exynos4-is: Fix a reference count leak due to pm_runtime_get_sync (git-fixes).\n- media: exynos4-is: Fix a reference count leak (git-fixes).\n- media: exynos4-is: Fix several reference count leaks due to pm_runtime_get_sync (git-fixes).\n- media: firewire: fix memory leak (git-fixes).\n- media: i2c: ov5640: Enable data pins on poweron for DVP mode (git-fixes).\n- media: i2c: ov5640: Remain in power down for DVP mode unless streaming (git-fixes).\n- media: i2c: ov5640: Separate out mipi configuration from s_power (git-fixes).\n- media: imx274: fix frame interval handling (git-fixes).\n- media: m5mols: Check function pointer in m5mols_sensor_power (git-fixes).\n- media: mc-device.c: fix memleak in media_device_register_entity (git-fixes).\n- media: media/pci: prevent memory leak in bttv_probe (git-fixes).\n- media: mx2_emmaprp: Fix memleak in emmaprp_probe (git-fixes).\n- media: omap3isp: Fix memleak in isp_probe (git-fixes).\n- media: ov5640: Correct Bit Div register in clock tree diagram (git-fixes).\n- media: platform: fcp: Fix a reference count leak (git-fixes).\n- media: platform: Improve queue set up flow for bug fixing (git-fixes).\n- media: platform: s3c-camif: Fix runtime PM imbalance on error (git-fixes).\n- media: platform: sti: hva: Fix runtime PM imbalance on error (git-fixes).\n- media: rcar-csi2: Allocate v4l2_async_subdev dynamically (git-fixes).\n- media: rcar_drif: Allocate v4l2_async_subdev dynamically (git-fixes).\n- media: rcar_drif: Fix fwnode reference leak when parsing DT (git-fixes).\n- media: rcar-vin: Fix a reference count leak (git-fixes).\n- media: rc: do not access device via sysfs after rc_unregister_device() (git-fixes).\n- media: rc: uevent sysfs file races with rc_unregister_device() (git-fixes).\n- media: Revert \u0027media: exynos4-is: Add missed check for pinctrl_lookup_state()\u0027 (git-fixes).\n- media: rockchip/rga: Fix a reference count leak (git-fixes).\n- media: s5p-mfc: Fix a reference count leak (git-fixes).\n- media: saa7134: avoid a shift overflow (git-fixes).\n- media: smiapp: Fix error handling at NVM reading (git-fixes).\n- media: staging/intel-ipu3: css: Correctly reset some memory (git-fixes).\n- media: st-delta: Fix reference count leak in delta_run_work (git-fixes).\n- media: sti: Fix reference count leaks (git-fixes).\n- media: stm32-dcmi: Fix a reference count leak (git-fixes).\n- media: tc358743: cleanup tc358743_cec_isr (git-fixes).\n- media: tc358743: initialize variable (git-fixes).\n- media: ti-vpe: cal: Restrict DMA to avoid memory corruption (git-fixes).\n- media: ti-vpe: Fix a missing check and reference count leak (git-fixes).\n- media: tuner-simple: fix regression in simple_set_radio_freq (git-fixes).\n- media: tw5864: check status of tw5864_frameinterval_get (git-fixes).\n- media: usbtv: Fix refcounting mixup (git-fixes).\n- media: uvcvideo: Ensure all probed info is returned to v4l2 (git-fixes).\n- media: uvcvideo: Fix dereference of out-of-bound list iterator (git-fixes).\n- media: uvcvideo: Fix uvc_ctrl_fixup_xu_info() not having any effect (git-fixes).\n- media: uvcvideo: Set media controller entity functions (git-fixes).\n- media: uvcvideo: Silence shift-out-of-bounds warning (git-fixes).\n- media: v4l2-async: Document asd allocation requirements (git-fixes).\n- media: venus: core: Fix runtime PM imbalance in venus_probe (git-fixes).\n- media: vsp1: Fix runtime PM imbalance on error (git-fixes).\n- memory: fsl-corenet-cf: Fix handling of platform_get_irq() error (git-fixes).\n- memory: omap-gpmc: Fix a couple off by ones (git-fixes).\n- memory: omap-gpmc: Fix build error without CONFIG_OF (git-fixes).\n- mfd: mfd-core: Protect against NULL call-back function pointer (git-fixes).\n- mfd: sm501: Fix leaks in probe() (git-fixes).\n- mic: vop: copy data to kernel space then write to io memory (git-fixes).\n- misc: mic: scif: Fix error handling path (git-fixes).\n- misc: rtsx: Fix memory leak in rtsx_pci_probe (git-fixes).\n- misc: vop: add round_up(x,4) for vring_size to avoid kernel panic (git-fixes).\n- mm: call cond_resched() from deferred_init_memmap() (git fixes (mm/init), bsc#1177697).\n- mmc: core: do not set limits.discard_granularity as 0 (git-fixes).\n- mmc: core: Rework wp-gpio handling (git-fixes).\n- mm, compaction: fully assume capture is not NULL in compact_zone_order() (git fixes (mm/compaction), bsc#1177681).\n- mm, compaction: make capture control handling safe wrt interrupts (git fixes (mm/compaction), bsc#1177681).\n- mmc: sdhci-acpi: AMDI0040: Set SDHCI_QUIRK2_PRESET_VALUE_BROKEN (git-fixes).\n- mmc: sdhci: Add LTR support for some Intel BYT based controllers (git-fixes).\n- mmc: sdhci: Workaround broken command queuing on Intel GLK based IRBIS models (git-fixes).\n- mmc: sdio: Check for CISTPL_VERS_1 buffer size (git-fixes).\n- mm/debug.c: always print flags in dump_page() (git fixes (mm/debug)).\n- mm: do not panic when links can\u0027t be created in sysfs (bsc#1178002).\n- mm: do not rely on system state to detect hot-plug operations (bsc#1178002).\n- mm: fix a race during THP splitting (bsc#1178255).\n- mm/huge_memory.c: use head to check huge zero page (git-fixes (mm/thp)).\n- mm: initialize deferred pages with interrupts enabled (git fixes (mm/init), bsc#1177697).\n- mm: madvise: fix vma user-after-free (git-fixes).\n- mm/memcontrol.c: lost css_put in memcg_expand_shrinker_maps() (bsc#1177694).\n- mm/mempolicy.c: fix out of bounds write in mpol_parse_str() (git-fixes (mm/mempolicy)).\n- mm/migrate.c: also overwrite error when it is bigger than zero (git fixes (mm/move_pages), bsc#1177683).\n- mm: move_pages: report the number of non-attempted pages (git fixes (mm/move_pages), bsc#1177683).\n- mm: move_pages: return valid node id in status if the page is already on the target node (git fixes (mm/move_pages), bsc#1177683).\n- mm/pagealloc.c: call touch_nmi_watchdog() on max order boundaries in deferred init (git fixes (mm/init), bsc#1177697).\n- mm/page-writeback.c: avoid potential division by zero in wb_min_max_ratio() (git-fixes (mm/writeback)).\n- mm/page-writeback.c: improve arithmetic divisions (git-fixes (mm/writeback)).\n- mm: replace memmap_context by meminit_context (bsc#1178002).\n- mm/rmap: fixup copying of soft dirty and uffd ptes (git-fixes (mm/rmap)).\n- mm, slab/slub: improve error reporting and overhead of cache_from_obj() (mm/slub bsc#1165692).\n- mm, slab/slub: move and improve cache_from_obj() (mm/slub bsc#1165692).\n- mm, slub: extend checks guarded by slub_debug static key (mm/slub bsc#1165692).\n- mm, slub: extend slub_debug syntax for multiple blocks (mm/slub bsc#1165692).\n- mm, slub: introduce kmem_cache_debug_flags() (mm/slub bsc#1165692).\n- mm, slub: introduce static key for slub_debug() (mm/slub bsc#1165692).\n- mm, slub: make reclaim_account attribute read-only (mm/slub bsc#1165692).\n- mm, slub: make remaining slub_debug related attributes read-only (mm/slub bsc#1165692).\n- mm, slub: make some slub_debug related attributes read-only (mm/slub bsc#1165692).\n- mm, slub: remove runtime allocation order changes (mm/slub bsc#1165692).\n- mm, slub: restore initial kmem_cache flags (mm/slub bsc#1165692).\n- mm/swapfile.c: fix potential memory leak in sys_swapon (git-fixes).\n- mm/zsmalloc.c: fix the migrated zspage statistics (git-fixes (mm/zsmalloc)).\n- module: Correctly truncate sysfs sections output (git-fixes).\n- module: Do not expose section addresses to non-CAP_SYSLOG (git-fixes).\n- module: Refactor section attr into bin attribute (git-fixes).\n- module: statically initialize init section freeing data (git-fixes).\n- Move upstreamed BT patch into sorted section\n- Move upstreamed intel-vbtn patch into sorted section\n- mt76: add missing locking around ampdu action (git-fixes).\n- mt76: clear skb pointers from rx aggregation reorder buffer during cleanup (git-fixes).\n- mt76: do not use devm API for led classdev (git-fixes).\n- mt76: fix handling full tx queues in mt76_dma_tx_queue_skb_raw (git-fixes).\n- mt76: fix LED link time failure (git-fixes).\n- mtd: cfi_cmdset_0002: do not free cfi-\u003ecfiq in error path of cfi_amdstd_setup() (git-fixes).\n- mtd: lpddr: Fix bad logic in print_drs_error (git-fixes).\n- mtd: lpddr: fix excessive stack usage with clang (git-fixes).\n- mtd: mtdoops: Do not write panic data twice (git-fixes).\n- mtd: rawnand: gpmi: Fix runtime PM imbalance on error (git-fixes).\n- mtd: rawnand: omap_elm: Fix runtime PM imbalance on error (git-fixes).\n- mtd: rawnand: stm32_fmc2: fix a buffer overflow (git-fixes).\n- mtd: rawnand: vf610: disable clk on error handling path in probe (git-fixes).\n- mtd: spinand: gigadevice: Add QE Bit (git-fixes).\n- mtd: spinand: gigadevice: Only one dummy byte in QUADIO (git-fixes).\n- mwifiex: do not call del_timer_sync() on uninitialized timer (git-fixes).\n- mwifiex: Do not use GFP_KERNEL in atomic context (git-fixes).\n- mwifiex: fix double free (git-fixes).\n- mwifiex: remove function pointer check (git-fixes).\n- mwifiex: Remove unnecessary braces from HostCmd_SET_SEQ_NO_BSS_INFO (git-fixes).\n- net: bridge: br_vlan_get_pvid_rcu() should dereference the VLAN group under RCU (networking-stable-20_09_24).\n- net/core: check length before updating Ethertype in skb_mpls_{push,pop} (git-fixes).\n- net: DCB: Validate DCB_ATTR_DCB_BUFFER argument (networking-stable-20_09_24).\n- net: disable netpoll on fresh napis (networking-stable-20_09_11).\n- net: dsa: b53: check for timeout (networking-stable-20_08_24).\n- net: dsa: rtl8366: Properly clear member config (networking-stable-20_09_24).\n- net: fec: correct the error path for regulator disable in probe (networking-stable-20_08_24).\n- net: Fix bridge enslavement failure (networking-stable-20_09_24).\n- net: Fix potential wrong skb-\u003eprotocol in skb_vlan_untag() (networking-stable-20_08_24).\n- net: hns: Fix memleak in hns_nic_dev_probe (networking-stable-20_09_11).\n- net: ipv6: fix kconfig dependency warning for IPV6_SEG6_HMAC (networking-stable-20_09_24).\n- netlabel: fix problems with mapping removal (networking-stable-20_09_11).\n- net: lantiq: Disable IRQs only if NAPI gets scheduled (networking-stable-20_09_24).\n- net: lantiq: Use napi_complete_done() (networking-stable-20_09_24).\n- net: lantiq: use netif_tx_napi_add() for TX NAPI (networking-stable-20_09_24).\n- net: lantiq: Wake TX queue again (networking-stable-20_09_24).\n- net/mlx5e: Enable adding peer miss rules only if merged eswitch is supported (networking-stable-20_09_24).\n- net/mlx5e: TLS, Do not expose FPGA TLS counter if not supported (networking-stable-20_09_24).\n- net/mlx5: Fix FTE cleanup (networking-stable-20_09_24).\n- net: mscc: ocelot: fix race condition with TX timestamping (bsc#1178461).\n- net: phy: Avoid NPD upon phy_detach() when driver is unbound (networking-stable-20_09_24).\n- net: phy: Do not warn in phy_stop() on PHY_DOWN (networking-stable-20_09_24).\n- net: phy: realtek: fix rtl8211e rx/tx delay config (git-fixes).\n- net: qrtr: fix usage of idr in port assignment to socket (networking-stable-20_08_24).\n- net/sched: act_ct: Fix skb double-free in tcf_ct_handle_fragments() error flow (networking-stable-20_08_24).\n- net: sctp: Fix IPv6 ancestor_size calc in sctp_copy_descendant (networking-stable-20_09_24).\n- net: sctp: Fix negotiation of the number of data streams (networking-stable-20_08_24).\n- net/smc: Prevent kernel-infoleak in __smc_diag_dump() (networking-stable-20_08_24).\n- net: systemport: Fix memleak in bcm_sysport_probe (networking-stable-20_09_11).\n- net: usb: dm9601: Add USB ID of Keenetic Plus DSL (networking-stable-20_09_11).\n- net: usb: qmi_wwan: add Cellient MPL200 card (git-fixes).\n- net: usb: rtl8150: set random MAC address when set_ethernet_addr() fails (git-fixes).\n- net: wireless: nl80211: fix out-of-bounds access in nl80211_del_key() (git-fixes).\n- nfc: Ensure presence of NFC_ATTR_FIRMWARE_NAME attribute in nfc_genl_fw_download() (git-fixes).\n- nfp: use correct define to return NONE fec (networking-stable-20_09_24).\n- nfsd4: fix NULL dereference in nfsd/clients display code (git-fixes).\n- NFS: Do not move layouts to plh_return_segs list while in use (git-fixes).\n- NFS: Do not return layout segments that are in use (git-fixes).\n- nfs: ensure correct writeback errors are returned on close() (git-fixes).\n- NFS: Fix flexfiles read failover (git-fixes).\n- nfs: Fix security label length not being reset (bsc#1176381).\n- nfs: nfs_file_write() should check for writeback errors (git-fixes).\n- NFSv4.2: fix client\u0027s attribute cache management for copy_file_range (git-fixes).\n- nl80211: fix non-split wiphy information (git-fixes).\n- NTB: hw: amd: fix an issue about leak system resources (git-fixes).\n- ntb: intel: Fix memleak in intel_ntb_pci_probe (git-fixes).\n- nvme-multipath: retry commands for dying queues (bsc#1171688).\n- nvme-rdma: fix crash due to incorrect cqe (bsc#1174748).\n- nvme-rdma: fix crash when connect rejected (bsc#1174748).\n- overflow: Include header file with SIZE_MAX declaration (git-fixes).\n- p54: avoid accessing the data mapped to streaming DMA (git-fixes).\n- PCI: aardvark: Check for errors from pci_bridge_emul_init() call (git-fixes).\n- PCI/ACPI: Whitelist hotplug ports for D3 if power managed by ACPI (git-fixes).\n- PCI: Avoid double hpmemsize MMIO window assignment (git-fixes).\n- PCI/IOV: Mark VFs as not implementing PCI_COMMAND_MEMORY (bsc#1176979).\n- PCI: tegra194: Fix runtime PM imbalance on error (git-fixes).\n- PCI: tegra: Fix runtime PM imbalance on error (git-fixes).\n- percpu: fix first chunk size calculation for populated bitmap (git-fixes (mm/percpu)).\n- perf/x86/amd: Fix sampling Large Increment per Cycle events (bsc#1152489).\n- perf/x86: Fix n_pair for cancelled txn (bsc#1152489).\n- phy: ti: am654: Fix a leak in serdes_am654_probe() (git-fixes).\n- pinctrl: bcm: fix kconfig dependency warning when !GPIOLIB (git-fixes).\n- pinctrl: mcp23s08: Fix mcp23x17 precious range (git-fixes).\n- pinctrl: mcp23s08: Fix mcp23x17_regmap initialiser (git-fixes).\n- pinctrl: mvebu: Fix i2c sda definition for 98DX3236 (git-fixes).\n- PKCS#7: Check codeSigning EKU for kernel module and kexec pe verification.\n- PKCS#7: Check codeSigning EKU for kernel module and kexec pe verification (bsc#1177353).\n- Platform: OLPC: Fix memleak in olpc_ec_probe (git-fixes).\n- platform/x86: fix kconfig dependency warning for FUJITSU_LAPTOP (git-fixes).\n- platform/x86: fix kconfig dependency warning for LG_LAPTOP (git-fixes).\n- platform/x86: intel_pmc_core: do not create a static struct device (git-fixes).\n- platform/x86: intel-vbtn: Switch to an allow-list for SW_TABLET_MODE reporting (bsc#1175599).\n- platform/x86: mlx-platform: Remove PSU EEPROM configuration (git-fixes).\n- platform/x86: thinkpad_acpi: initialize tp_nvram_state variable (git-fixes).\n- platform/x86: thinkpad_acpi: re-initialize ACPI buffer size when reuse (git-fixes).\n- PM: hibernate: Batch hibernate and resume IO requests (bsc#1178079).\n- PM: hibernate: remove the bogus call to get_gendisk() in software_resume() (git-fixes).\n- PM: runtime: Drop runtime PM references to supplier on link removal (git-fixes).\n- pNFS/flexfiles: Ensure we initialise the mirror bsizes correctly on read (git-fixes).\n- powerpc/book3s64/radix: Make radix_mem_block_size 64bit (bsc#1055186 ltc#153436 git-fixes).\n- powerpc/dma: Fix dma_map_ops::get_required_mask (bsc#1065729).\n- powerpc: Fix undetected data corruption with P9N DD2.1 VSX CI load emulation (bsc#1065729).\n- powerpc/hwirq: Remove stale forward irq_chip declaration (bsc#1065729).\n- powerpc/icp-hv: Fix missing of_node_put() in success path (bsc#1065729).\n- powerpc/irq: Drop forward declaration of struct irqaction (bsc#1065729).\n- powerpc/papr_scm: Fix warning triggered by perf_stats_show() (bsc#1175052 jsc#SLE-13823 bsc#1174969 jsc#SLE-12769 git-fixes).\n- powerpc/perf/hv-gpci: Fix starting index value (bsc#1065729).\n- powerpc/powernv/dump: Fix race while processing OPAL dump (bsc#1065729).\n- powerpc/powernv/elog: Fix race while processing OPAL error log event (bsc#1065729).\n- powerpc/pseries: Avoid using addr_to_pfn in real mode (jsc#SLE-9246 git-fixes).\n- powerpc/pseries: explicitly reschedule during drmem_lmb list traversal (bsc#1077428 ltc#163882 git-fixes).\n- powerpc/pseries: Fix missing of_node_put() in rng_init() (bsc#1065729).\n- power: supply: bq27xxx: report \u0027not charging\u0027 on all types (git-fixes).\n- power: supply: max17040: Correct voltage reading (git-fixes).\n- power: supply: test_power: add missing newlines when printing parameters by sysfs (git-fixes).\n- pwm: img: Fix null pointer access in probe (git-fixes).\n- pwm: lpss: Add range limit check for the base_unit register value (git-fixes).\n- pwm: lpss: Fix off by one error in base_unit math in pwm_lpss_prepare() (git-fixes).\n- qla2xxx: Return EBUSY on fcport deletion (bsc#1171688).\n- qtnfmac: fix resource leaks on unsupported iftype error return path (git-fixes).\n- r8169: fix data corruption issue on RTL8402 (bsc#1174098).\n- r8169: fix issue with forced threading in combination with shared interrupts (git-fixes).\n- r8169: fix operation under forced interrupt threading (git-fixes).\n- rapidio: fix the missed put_device() for rio_mport_add_riodev (git-fixes).\n- rbd-add-rbd_img_fill_cmp_and_write_from_bvecs.patch: (bsc#1177090).\n- rbd-add-support-for-COMPARE_AND_WRITE-CMPEXT.patch: (bsc#1177090).\n- RDMA/hfi1: Correct an interlock issue for TID RDMA WRITE request (bsc#1175621).\n- Refresh patches.suse/fnic-to-not-call-scsi_done-for-unhandled-commands.patch (bsc#1168468, bsc#1171675).\n- regulator: axp20x: fix LDO2/4 description (git-fixes).\n- regulator: defer probe when trying to get voltage from unresolved supply (git-fixes).\n- regulator: resolve supply after creating regulator (git-fixes).\n- rename Other drivers / Intel IOMMU subsection to IOMMU\n- reset: sti: reset-syscfg: fix struct description warnings (git-fixes).\n- ring-buffer: Return 0 on success from ring_buffer_resize() (git-fixes).\n- rpm/kernel-module-subpackage: make Group tag optional (bsc#1163592)\n- rtc: ds1374: fix possible race condition (git-fixes).\n- rtc: rx8010: do not modify the global rtc ops (git-fixes).\n- rtc: sa1100: fix possible race condition (git-fixes).\n- rtl8xxxu: prevent potential memory leak (git-fixes).\n- rtw88: increse the size of rx buffer size (git-fixes).\n- s390/cio: add cond_resched() in the slow_eval_known_fn() loop (bsc#1177799 LTC#188733).\n- s390/dasd: Fix zero write for FBA devices (bsc#1177801 LTC#188735).\n- s390/pci: Mark all VFs as not implementing PCI_COMMAND_MEMORY (bsc#1176979).\n- sched/fair: Ignore cache hotness for SMT migration (bnc#1155798 (CPU scheduler functional and performance backports)).\n- sched/fair: Use dst group while checking imbalance for NUMA balancer (bnc#1155798 (CPU scheduler functional and performance backports)).\n- sched/numa: Avoid creating large imbalances at task creation time (bnc#1176588).\n- sched/numa: Check numa balancing information only when enabled (bnc#1176588).\n- sched/numa: Use runnable_avg to classify node (bnc#1155798 (CPU scheduler functional and performance backports)).\n- scsi: ibmvfc: Fix error return in ibmvfc_probe() (bsc#1065729).\n- scsi: ibmvscsi: Fix potential race after loss of transport (bsc#1178166 ltc#188226).\n- scsi: iscsi: iscsi_tcp: Avoid holding spinlock while calling getpeername() (bsc#1177258).\n- scsi: mptfusion: Do not use GFP_ATOMIC for larger DMA allocations (bsc#1175898, ECO-2743).\n- scsi: qla2xxx: Add IOCB resource tracking (bsc#1171688 bsc#1174003).\n- scsi: qla2xxx: Add rport fields in debugfs (bsc#1171688 bsc#1174003).\n- scsi: qla2xxx: Add SLER and PI control support (bsc#1171688 bsc#1174003).\n- scsi: qla2xxx: Allow dev_loss_tmo setting for FC-NVMe devices (bsc#1171688 bsc#1174003).\n- scsi: qla2xxx: Correct the check for sscanf() return value (bsc#1171688 bsc#1174003).\n- scsi: qla2xxx: Fix buffer-buffer credit extraction error (bsc#1171688 bsc#1174003).\n- scsi: qla2xxx: Fix crash on session cleanup with unload (bsc#1171688 bsc#1174003).\n- scsi: qla2xxx: Fix inconsistent format argument type in qla_dbg.c (bsc#1171688 bsc#1174003).\n- scsi: qla2xxx: Fix inconsistent format argument type in qla_os.c (bsc#1171688 bsc#1174003).\n- scsi: qla2xxx: Fix inconsistent format argument type in tcm_qla2xxx.c (bsc#1171688 bsc#1174003).\n- scsi: qla2xxx: Fix I/O errors during LIP reset tests (bsc#1171688 bsc#1174003).\n- scsi: qla2xxx: Fix I/O failures during remote port toggle testing (bsc#1171688 bsc#1174003).\n- scsi: qla2xxx: Fix memory size truncation (bsc#1171688 bsc#1174003).\n- scsi: qla2xxx: Fix MPI reset needed message (bsc#1171688 bsc#1174003).\n- scsi: qla2xxx: Fix point-to-point (N2N) device discovery issue (bsc#1171688 bsc#1174003).\n- scsi: qla2xxx: Fix reset of MPI firmware (bsc#1171688 bsc#1174003).\n- scsi: qla2xxx: Honor status qualifier in FCP_RSP per spec (bsc#1171688 bsc#1174003).\n- scsi: qla2xxx: Make tgt_port_database available in initiator mode (bsc#1171688 bsc#1174003).\n- scsi: qla2xxx: Performance tweak (bsc#1171688 bsc#1174003).\n- scsi: qla2xxx: Reduce duplicate code in reporting speed (bsc#1171688 bsc#1174003).\n- scsi: qla2xxx: Remove unneeded variable \u0027rval\u0027 (bsc#1171688 bsc#1174003).\n- scsi: qla2xxx: Setup debugfs entries for remote ports (bsc#1171688 bsc#1174003).\n- scsi: qla2xxx: Update version to 10.02.00.102-k (bsc#1171688 bsc#1174003).\n- scsi: qla2xxx: Update version to 10.02.00.103-k (bsc#1171688 bsc#1174003).\n- sctp: not disable bh in the whole sctp_get_port_local() (networking-stable-20_09_11).\n- selftests/timers: Turn off timeout setting (git-fixes).\n- serial: 8250: 8250_omap: Terminate DMA before pushing data on RX timeout (git-fixes).\n- serial: 8250_mtk: Fix uart_get_baud_rate warning (git-fixes).\n- serial: 8250_omap: Fix sleeping function called from invalid context during probe (git-fixes).\n- serial: 8250_port: Do not service RX FIFO if throttled (git-fixes).\n- serial: txx9: add missing platform_driver_unregister() on error in serial_txx9_init (git-fixes).\n- serial: uartps: Wait for tx_empty in console setup (git-fixes).\n- slimbus: core: check get_addr before removing laddr ida (git-fixes).\n- slimbus: core: do not enter to clock pause mode in core (git-fixes).\n- slimbus: qcom-ngd-ctrl: disable ngd in qmi server down callback (git-fixes).\n- soc: fsl: qbman: Fix return value on success (git-fixes).\n- spi: dw-pci: free previously allocated IRQs if desc-\u003esetup() fails (git-fixes).\n- spi: fsl-espi: Only process interrupts for expected events (git-fixes).\n- spi: omap2-mcspi: Improve performance waiting for CHSTAT (git-fixes).\n- spi: spi-s3c64xx: Check return values (git-fixes).\n- spi: spi-s3c64xx: swap s3c64xx_spi_set_cs() and s3c64xx_enable_datapath() (git-fixes).\n- spi: sprd: Release DMA channel also on probe deferral (git-fixes).\n- spi: stm32: Rate-limit the \u0027Communication suspended\u0027 message (git-fixes).\n- staging: comedi: cb_pcidas: Allow 2-channel commands for AO subdevice (git-fixes).\n- staging: comedi: check validity of wMaxPacketSize of usb endpoints found (git-fixes).\n- staging: octeon: Drop on uncorrectable alignment or FCS error (git-fixes).\n- staging: octeon: repair \u0027fixed-link\u0027 support (git-fixes).\n- staging:r8188eu: avoid skb_clone for amsdu to msdu conversion (git-fixes).\n- staging: rtl8192u: Do not use GFP_KERNEL in atomic context (git-fixes).\n- SUNRPC: Revert 241b1f419f0e (\u0027SUNRPC: Remove xdr_buf_trim()\u0027) (git-fixes).\n- svcrdma: Fix page leak in svc_rdma_recv_read_chunk() (git-fixes).\n- taprio: Fix allowing too small intervals (networking-stable-20_09_24).\n- target-compare-and-write-backend-driver-sense-handli.patch: (bsc#1177719).\n- target-rbd-add-emulate_legacy_capacity-dev-attribute.patch: (bsc#1177109).\n- target-rbd-add-WRITE-SAME-support.patch: (bsc#1177090).\n- target-rbd-conditionally-fix-off-by-one-bug-in-get_b.patch: (bsc#1177109).\n- target-rbd-detect-stripe_unit-SCSI-block-size-misali.patch: (bsc#1177090).\n- target-rbd-fix-unmap-discard-block-size-conversion.patch: (bsc#1177271).\n- target-rbd-fix-unmap-handling-with-unmap_zeroes_data.patch: (bsc#1177271).\n- target-rbd-support-COMPARE_AND_WRITE.patch: (bsc#1177090).\n- thermal: rcar_thermal: Handle probe error gracefully (git-fixes).\n- time: Prevent undefined behaviour in timespec64_to_ns() (bsc#1164648).\n- tipc: fix memory leak caused by tipc_buf_append() (git-fixes).\n- tipc: Fix memory leak in tipc_group_create_member() (networking-stable-20_09_24).\n- tipc: fix shutdown() of connectionless socket (networking-stable-20_09_11).\n- tipc: fix shutdown() of connection oriented socket (networking-stable-20_09_24).\n- tipc: fix the skb_unshare() in tipc_buf_append() (git-fixes).\n- tipc: fix uninit skb-\u003edata in tipc_nl_compat_dumpit() (networking-stable-20_08_24).\n- tipc: use skb_unshare() instead in tipc_buf_append() (networking-stable-20_09_24).\n- tracing: Check return value of __create_val_fields() before using its result (git-fixes).\n- tracing: Save normal string variables (git-fixes).\n- tty: ipwireless: fix error handling (git-fixes).\n- tty: serial: fsl_lpuart: fix lpuart32_poll_get_char (git-fixes).\n- uio: free uio id after uio file node is freed (git-fixes).\n- Update config files. Enable ACPI_PCI_SLOT and HOTPLUG_PCI_ACPI (bsc#1177194).\n- Update patches.suse/target-add-rbd-backend.patch: (). (simplify block to byte calculations and use consistent error paths)\n- USB: adutux: fix debugging (git-fixes).\n- usb: cdc-acm: add quirk to blacklist ETAS ES58X devices (git-fixes).\n- usb: cdc-acm: fix cooldown mechanism (git-fixes).\n- USB: cdc-acm: handle broken union descriptors (git-fixes).\n- USB: cdc-wdm: Make wdm_flush() interruptible and add wdm_fsync() (git-fixes).\n- usb: core: Solve race condition in anchor cleanup functions (git-fixes).\n- usb: dwc2: Fix INTR OUT transfers in DDMA mode (git-fixes).\n- usb: dwc2: Fix parameter type in function pointer prototype (git-fixes).\n- usb: dwc3: core: add phy cleanup for probe error handling (git-fixes).\n- usb: dwc3: core: do not trigger runtime pm when remove driver (git-fixes).\n- usb: dwc3: ep0: Fix ZLP for OUT ep0 requests (git-fixes).\n- usb: dwc3: gadget: Resume pending requests after CLEAR_STALL (git-fixes).\n- usb: dwc3: Increase timeout for CmdAct cleared by device controller (git-fixes).\n- usb: dwc3: pci: Allow Elkhart Lake to utilize DSM method for PM functionality (git-fixes).\n- usb: dwc3: simple: add support for Hikey 970 (git-fixes).\n- USB: EHCI: ehci-mv: fix error handling in mv_ehci_probe() (git-fixes).\n- USB: EHCI: ehci-mv: fix less than zero comparison of an unsigned int (git-fixes).\n- usb: gadget: f_ncm: allow using NCM in SuperSpeed Plus gadgets (git-fixes).\n- usb: gadget: f_ncm: fix ncm_bitrate for SuperSpeed and above (git-fixes).\n- USB: gadget: f_ncm: Fix NDP16 datagram validation (git-fixes).\n- usb: gadget: function: printer: fix use-after-free in __lock_acquire (git-fixes).\n- usb: gadget: u_ether: enable qmult on SuperSpeed Plus as well (git-fixes).\n- usblp: fix race between disconnect() and read() (git-fixes).\n- usb: mtu3: fix panic in mtu3_gadget_stop() (git-fixes).\n- usb: ohci: Default to per-port over-current protection (git-fixes).\n- USB: serial: cyberjack: fix write-URB completion race (git-fixes).\n- USB: serial: ftdi_sio: add support for FreeCalypso JTAG+UART adapters (git-fixes).\n- USB: serial: option: add Cellient MPL200 card (git-fixes).\n- USB: serial: option: Add Telit FT980-KS composition (git-fixes).\n- USB: serial: pl2303: add device-id for HP GC device (git-fixes).\n- USB: serial: qcserial: fix altsetting probing (git-fixes).\n- usb: typec: tcpm: During PR_SWAP, source caps should be sent only after tSwapSourceStart (git-fixes).\n- usb: xhci-mtk: Fix typo (git-fixes).\n- usb: xhci: omit duplicate actions when suspending a runtime suspended host (git-fixes).\n- vfio/pci: Decouple PCI_COMMAND_MEMORY bit checks from is_virtfn (bsc#1176979).\n- video: hyperv: hyperv_fb: Obtain screen resolution from Hyper-V host (bsc#1175306).\n- video: hyperv: hyperv_fb: Support deferred IO for Hyper-V frame buffer driver (bsc#1175306).\n- video: hyperv: hyperv_fb: Use physical memory for fb on HyperV Gen 1 VMs (bsc#1175306).\n- virtio-net: do not disable guest csum when disable LRO (git-fixes).\n- VMCI: check return value of get_user_pages_fast() for errors (git-fixes).\n- vmxnet3: fix cksum offload issues for non-udp tunnels (git-fixes).\n- w1: mxc_w1: Fix timeout resolution problem leading to bus error (git-fixes).\n- watchdog: Fix memleak in watchdog_cdev_register (git-fixes).\n- watchdog: sp5100: Fix definition of EFCH_PM_DECODEEN3 (git-fixes).\n- watchdog: Use put_device on error (git-fixes).\n- wcn36xx: Fix reported 802.11n rx_highest rate wcn3660/wcn3680 (git-fixes).\n- wlcore: fix runtime pm imbalance in wl1271_tx_work (git-fixes).\n- wlcore: fix runtime pm imbalance in wlcore_regdomain_config (git-fixes).\n- writeback: Avoid skipping inode writeback (bsc#1177755).\n- writeback: Fix sync livelock due to b_dirty_time processing (bsc#1177755).\n- writeback: Protect inode-\u003ei_io_list with inode-\u003ei_lock (bsc#1177755).\n- X.509: Add CodeSigning extended key usage parsing (bsc#1177353).\n- x86/alternative: Do not call text_poke() in lazy TLB mode (bsc#1175749).\n- x86/fpu: Allow multiple bits in clearcpuid= parameter (bsc#1152489).\n- x86/ioapic: Unbreak check_timer() (bsc#1152489).\n- x86/kexec: Use up-to-dated screen_info copy to fill boot params (bsc#1175306).\n- x86/{mce,mm}: Unmap the entire page if the whole page is affected and poisoned (bsc#1177765).\n- x86/mm: unencrypted non-blocking DMA allocations use coherent pools (bsc#1175898, ECO-2743).\n- x86/unwind/orc: Fix inactive tasks with stack pointer in %sp on GCC 10 compiled kernels (bsc#1176907).\n- x86/xen: disable Firmware First mode for correctable memory errors (bsc#1176713).\n- xen/blkback: use lateeoi irq binding (XSA-332 bsc#1177411).\n- xen/events: add a new \u0027late EOI\u0027 evtchn framework (XSA-332 bsc#1177411).\n- xen/events: add a proper barrier to 2-level uevent unmasking (XSA-332 bsc#1177411).\n- xen/events: avoid removing an event channel while handling it (XSA-331 bsc#1177410).\n- xen/events: block rogue events for some time (XSA-332 bsc#1177411).\n- xen/events: defer eoi in case of excessive number of events (XSA-332 bsc#1177411).\n- xen/events: do not use chip_data for legacy IRQs (bsc#1065600).\n- xen/events: fix race in evtchn_fifo_unmask() (XSA-332 bsc#1177411).\n- xen/events: switch user event channels to lateeoi model (XSA-332 bsc#1177411).\n- xen/events: use a common cpu hotplug hook for event channels (XSA-332 bsc#1177411).\n- xen/gntdev.c: Mark pages as dirty (bsc#1065600).\n- xen/netback: use lateeoi irq binding (XSA-332 bsc#1177411).\n- xen/pciback: use lateeoi irq binding (XSA-332 bsc#1177411).\n- xen/pvcallsback: use lateeoi irq binding (XSA-332 bsc#1177411).\n- xen/scsiback: use lateeoi irq binding (XSA-332 bsc#1177411).\n- xfs: complain if anyone tries to create a too-large buffer log item (bsc#1166146).\n- xfs: do not update mtime on COW faults (bsc#1167030).\n- xfs: fix high key handling in the rt allocator\u0027s query_range function (git-fixes).\n- xfs: fix scrub flagging rtinherit even if there is no rt device (git-fixes).\n- xfs: fix xfs_bmap_validate_extent_raw when checking attr fork of rt files (git-fixes).\n- xfs: flush new eof page on truncate to avoid post-eof corruption (git-fixes).\n- xfs: force the log after remapping a synchronous-writes file (git-fixes).\n- xfs: introduce XFS_MAX_FILEOFF (bsc#1166166).\n- xfs: limit entries returned when counting fsmap records (git-fixes).\n- xfs: remove unused variable \u0027done\u0027 (bsc#1166166).\n- xfs: set xefi_discard when creating a deferred agfl free log intent item (git-fixes).\n- xfs: truncate should remove all blocks, not just to the end of the page cache (bsc#1166166).\n- xhci: do not create endpoint debugfs entry before ring buffer is set (git-fixes).\n- xprtrdma: fix incorrect header size calculations (git-fixes).\n- yam: fix possible memory leak in yam_init_driver (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2020-2112",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2020_2112-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2020:2112-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4EZ6GLHJ7GRNO5SFTV2VI7JJOEEIMD6U/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2020:2112-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4EZ6GLHJ7GRNO5SFTV2VI7JJOEEIMD6U/"
},
{
"category": "self",
"summary": "SUSE Bug 1055014",
"url": "https://bugzilla.suse.com/1055014"
},
{
"category": "self",
"summary": "SUSE Bug 1055186",
"url": "https://bugzilla.suse.com/1055186"
},
{
"category": "self",
"summary": "SUSE Bug 1061843",
"url": "https://bugzilla.suse.com/1061843"
},
{
"category": "self",
"summary": "SUSE Bug 1065600",
"url": "https://bugzilla.suse.com/1065600"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1066382",
"url": "https://bugzilla.suse.com/1066382"
},
{
"category": "self",
"summary": "SUSE Bug 1077428",
"url": "https://bugzilla.suse.com/1077428"
},
{
"category": "self",
"summary": "SUSE Bug 1129923",
"url": "https://bugzilla.suse.com/1129923"
},
{
"category": "self",
"summary": "SUSE Bug 1134760",
"url": "https://bugzilla.suse.com/1134760"
},
{
"category": "self",
"summary": "SUSE Bug 1149032",
"url": "https://bugzilla.suse.com/1149032"
},
{
"category": "self",
"summary": "SUSE Bug 1152489",
"url": "https://bugzilla.suse.com/1152489"
},
{
"category": "self",
"summary": "SUSE Bug 1155798",
"url": "https://bugzilla.suse.com/1155798"
},
{
"category": "self",
"summary": "SUSE Bug 1163592",
"url": "https://bugzilla.suse.com/1163592"
},
{
"category": "self",
"summary": "SUSE Bug 1164648",
"url": "https://bugzilla.suse.com/1164648"
},
{
"category": "self",
"summary": "SUSE Bug 1165692",
"url": "https://bugzilla.suse.com/1165692"
},
{
"category": "self",
"summary": "SUSE Bug 1166146",
"url": "https://bugzilla.suse.com/1166146"
},
{
"category": "self",
"summary": "SUSE Bug 1166166",
"url": "https://bugzilla.suse.com/1166166"
},
{
"category": "self",
"summary": "SUSE Bug 1167030",
"url": "https://bugzilla.suse.com/1167030"
},
{
"category": "self",
"summary": "SUSE Bug 1168468",
"url": "https://bugzilla.suse.com/1168468"
},
{
"category": "self",
"summary": "SUSE Bug 1170415",
"url": "https://bugzilla.suse.com/1170415"
},
{
"category": "self",
"summary": "SUSE Bug 1171675",
"url": "https://bugzilla.suse.com/1171675"
},
{
"category": "self",
"summary": "SUSE Bug 1171688",
"url": "https://bugzilla.suse.com/1171688"
},
{
"category": "self",
"summary": "SUSE Bug 1174003",
"url": "https://bugzilla.suse.com/1174003"
},
{
"category": "self",
"summary": "SUSE Bug 1174098",
"url": "https://bugzilla.suse.com/1174098"
},
{
"category": "self",
"summary": "SUSE Bug 1174748",
"url": "https://bugzilla.suse.com/1174748"
},
{
"category": "self",
"summary": "SUSE Bug 1174969",
"url": "https://bugzilla.suse.com/1174969"
},
{
"category": "self",
"summary": "SUSE Bug 1175052",
"url": "https://bugzilla.suse.com/1175052"
},
{
"category": "self",
"summary": "SUSE Bug 1175306",
"url": "https://bugzilla.suse.com/1175306"
},
{
"category": "self",
"summary": "SUSE Bug 1175599",
"url": "https://bugzilla.suse.com/1175599"
},
{
"category": "self",
"summary": "SUSE Bug 1175621",
"url": "https://bugzilla.suse.com/1175621"
},
{
"category": "self",
"summary": "SUSE Bug 1175718",
"url": "https://bugzilla.suse.com/1175718"
},
{
"category": "self",
"summary": "SUSE Bug 1175721",
"url": "https://bugzilla.suse.com/1175721"
},
{
"category": "self",
"summary": "SUSE Bug 1175749",
"url": "https://bugzilla.suse.com/1175749"
},
{
"category": "self",
"summary": "SUSE Bug 1175807",
"url": "https://bugzilla.suse.com/1175807"
},
{
"category": "self",
"summary": "SUSE Bug 1175898",
"url": "https://bugzilla.suse.com/1175898"
},
{
"category": "self",
"summary": "SUSE Bug 1176019",
"url": "https://bugzilla.suse.com/1176019"
},
{
"category": "self",
"summary": "SUSE Bug 1176354",
"url": "https://bugzilla.suse.com/1176354"
},
{
"category": "self",
"summary": "SUSE Bug 1176381",
"url": "https://bugzilla.suse.com/1176381"
},
{
"category": "self",
"summary": "SUSE Bug 1176400",
"url": "https://bugzilla.suse.com/1176400"
},
{
"category": "self",
"summary": "SUSE Bug 1176485",
"url": "https://bugzilla.suse.com/1176485"
},
{
"category": "self",
"summary": "SUSE Bug 1176588",
"url": "https://bugzilla.suse.com/1176588"
},
{
"category": "self",
"summary": "SUSE Bug 1176713",
"url": "https://bugzilla.suse.com/1176713"
},
{
"category": "self",
"summary": "SUSE Bug 1176907",
"url": "https://bugzilla.suse.com/1176907"
},
{
"category": "self",
"summary": "SUSE Bug 1176979",
"url": "https://bugzilla.suse.com/1176979"
},
{
"category": "self",
"summary": "SUSE Bug 1177086",
"url": "https://bugzilla.suse.com/1177086"
},
{
"category": "self",
"summary": "SUSE Bug 1177090",
"url": "https://bugzilla.suse.com/1177090"
},
{
"category": "self",
"summary": "SUSE Bug 1177109",
"url": "https://bugzilla.suse.com/1177109"
},
{
"category": "self",
"summary": "SUSE Bug 1177121",
"url": "https://bugzilla.suse.com/1177121"
},
{
"category": "self",
"summary": "SUSE Bug 1177193",
"url": "https://bugzilla.suse.com/1177193"
},
{
"category": "self",
"summary": "SUSE Bug 1177194",
"url": "https://bugzilla.suse.com/1177194"
},
{
"category": "self",
"summary": "SUSE Bug 1177206",
"url": "https://bugzilla.suse.com/1177206"
},
{
"category": "self",
"summary": "SUSE Bug 1177258",
"url": "https://bugzilla.suse.com/1177258"
},
{
"category": "self",
"summary": "SUSE Bug 1177271",
"url": "https://bugzilla.suse.com/1177271"
},
{
"category": "self",
"summary": "SUSE Bug 1177281",
"url": "https://bugzilla.suse.com/1177281"
},
{
"category": "self",
"summary": "SUSE Bug 1177283",
"url": "https://bugzilla.suse.com/1177283"
},
{
"category": "self",
"summary": "SUSE Bug 1177284",
"url": "https://bugzilla.suse.com/1177284"
},
{
"category": "self",
"summary": "SUSE Bug 1177285",
"url": "https://bugzilla.suse.com/1177285"
},
{
"category": "self",
"summary": "SUSE Bug 1177286",
"url": "https://bugzilla.suse.com/1177286"
},
{
"category": "self",
"summary": "SUSE Bug 1177297",
"url": "https://bugzilla.suse.com/1177297"
},
{
"category": "self",
"summary": "SUSE Bug 1177353",
"url": "https://bugzilla.suse.com/1177353"
},
{
"category": "self",
"summary": "SUSE Bug 1177384",
"url": "https://bugzilla.suse.com/1177384"
},
{
"category": "self",
"summary": "SUSE Bug 1177410",
"url": "https://bugzilla.suse.com/1177410"
},
{
"category": "self",
"summary": "SUSE Bug 1177411",
"url": "https://bugzilla.suse.com/1177411"
},
{
"category": "self",
"summary": "SUSE Bug 1177470",
"url": "https://bugzilla.suse.com/1177470"
},
{
"category": "self",
"summary": "SUSE Bug 1177511",
"url": "https://bugzilla.suse.com/1177511"
},
{
"category": "self",
"summary": "SUSE Bug 1177617",
"url": "https://bugzilla.suse.com/1177617"
},
{
"category": "self",
"summary": "SUSE Bug 1177681",
"url": "https://bugzilla.suse.com/1177681"
},
{
"category": "self",
"summary": "SUSE Bug 1177683",
"url": "https://bugzilla.suse.com/1177683"
},
{
"category": "self",
"summary": "SUSE Bug 1177687",
"url": "https://bugzilla.suse.com/1177687"
},
{
"category": "self",
"summary": "SUSE Bug 1177694",
"url": "https://bugzilla.suse.com/1177694"
},
{
"category": "self",
"summary": "SUSE Bug 1177697",
"url": "https://bugzilla.suse.com/1177697"
},
{
"category": "self",
"summary": "SUSE Bug 1177719",
"url": "https://bugzilla.suse.com/1177719"
},
{
"category": "self",
"summary": "SUSE Bug 1177724",
"url": "https://bugzilla.suse.com/1177724"
},
{
"category": "self",
"summary": "SUSE Bug 1177725",
"url": "https://bugzilla.suse.com/1177725"
},
{
"category": "self",
"summary": "SUSE Bug 1177726",
"url": "https://bugzilla.suse.com/1177726"
},
{
"category": "self",
"summary": "SUSE Bug 1177739",
"url": "https://bugzilla.suse.com/1177739"
},
{
"category": "self",
"summary": "SUSE Bug 1177749",
"url": "https://bugzilla.suse.com/1177749"
},
{
"category": "self",
"summary": "SUSE Bug 1177750",
"url": "https://bugzilla.suse.com/1177750"
},
{
"category": "self",
"summary": "SUSE Bug 1177754",
"url": "https://bugzilla.suse.com/1177754"
},
{
"category": "self",
"summary": "SUSE Bug 1177755",
"url": "https://bugzilla.suse.com/1177755"
},
{
"category": "self",
"summary": "SUSE Bug 1177765",
"url": "https://bugzilla.suse.com/1177765"
},
{
"category": "self",
"summary": "SUSE Bug 1177766",
"url": "https://bugzilla.suse.com/1177766"
},
{
"category": "self",
"summary": "SUSE Bug 1177799",
"url": "https://bugzilla.suse.com/1177799"
},
{
"category": "self",
"summary": "SUSE Bug 1177801",
"url": "https://bugzilla.suse.com/1177801"
},
{
"category": "self",
"summary": "SUSE Bug 1177814",
"url": "https://bugzilla.suse.com/1177814"
},
{
"category": "self",
"summary": "SUSE Bug 1177817",
"url": "https://bugzilla.suse.com/1177817"
},
{
"category": "self",
"summary": "SUSE Bug 1177854",
"url": "https://bugzilla.suse.com/1177854"
},
{
"category": "self",
"summary": "SUSE Bug 1177855",
"url": "https://bugzilla.suse.com/1177855"
},
{
"category": "self",
"summary": "SUSE Bug 1177856",
"url": "https://bugzilla.suse.com/1177856"
},
{
"category": "self",
"summary": "SUSE Bug 1177861",
"url": "https://bugzilla.suse.com/1177861"
},
{
"category": "self",
"summary": "SUSE Bug 1178002",
"url": "https://bugzilla.suse.com/1178002"
},
{
"category": "self",
"summary": "SUSE Bug 1178079",
"url": "https://bugzilla.suse.com/1178079"
},
{
"category": "self",
"summary": "SUSE Bug 1178123",
"url": "https://bugzilla.suse.com/1178123"
},
{
"category": "self",
"summary": "SUSE Bug 1178166",
"url": "https://bugzilla.suse.com/1178166"
},
{
"category": "self",
"summary": "SUSE Bug 1178173",
"url": "https://bugzilla.suse.com/1178173"
},
{
"category": "self",
"summary": "SUSE Bug 1178175",
"url": "https://bugzilla.suse.com/1178175"
},
{
"category": "self",
"summary": "SUSE Bug 1178176",
"url": "https://bugzilla.suse.com/1178176"
},
{
"category": "self",
"summary": "SUSE Bug 1178177",
"url": "https://bugzilla.suse.com/1178177"
},
{
"category": "self",
"summary": "SUSE Bug 1178183",
"url": "https://bugzilla.suse.com/1178183"
},
{
"category": "self",
"summary": "SUSE Bug 1178184",
"url": "https://bugzilla.suse.com/1178184"
},
{
"category": "self",
"summary": "SUSE Bug 1178185",
"url": "https://bugzilla.suse.com/1178185"
},
{
"category": "self",
"summary": "SUSE Bug 1178186",
"url": "https://bugzilla.suse.com/1178186"
},
{
"category": "self",
"summary": "SUSE Bug 1178190",
"url": "https://bugzilla.suse.com/1178190"
},
{
"category": "self",
"summary": "SUSE Bug 1178191",
"url": "https://bugzilla.suse.com/1178191"
},
{
"category": "self",
"summary": "SUSE Bug 1178246",
"url": "https://bugzilla.suse.com/1178246"
},
{
"category": "self",
"summary": "SUSE Bug 1178255",
"url": "https://bugzilla.suse.com/1178255"
},
{
"category": "self",
"summary": "SUSE Bug 1178307",
"url": "https://bugzilla.suse.com/1178307"
},
{
"category": "self",
"summary": "SUSE Bug 1178330",
"url": "https://bugzilla.suse.com/1178330"
},
{
"category": "self",
"summary": "SUSE Bug 1178393",
"url": "https://bugzilla.suse.com/1178393"
},
{
"category": "self",
"summary": "SUSE Bug 1178395",
"url": "https://bugzilla.suse.com/1178395"
},
{
"category": "self",
"summary": "SUSE Bug 1178461",
"url": "https://bugzilla.suse.com/1178461"
},
{
"category": "self",
"summary": "SUSE Bug 1178579",
"url": "https://bugzilla.suse.com/1178579"
},
{
"category": "self",
"summary": "SUSE Bug 1178581",
"url": "https://bugzilla.suse.com/1178581"
},
{
"category": "self",
"summary": "SUSE Bug 1178584",
"url": "https://bugzilla.suse.com/1178584"
},
{
"category": "self",
"summary": "SUSE Bug 1178585",
"url": "https://bugzilla.suse.com/1178585"
},
{
"category": "self",
"summary": "SUSE Bug 802154",
"url": "https://bugzilla.suse.com/802154"
},
{
"category": "self",
"summary": "SUSE Bug 954532",
"url": "https://bugzilla.suse.com/954532"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-12351 page",
"url": "https://www.suse.com/security/cve/CVE-2020-12351/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-12352 page",
"url": "https://www.suse.com/security/cve/CVE-2020-12352/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-14351 page",
"url": "https://www.suse.com/security/cve/CVE-2020-14351/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-16120 page",
"url": "https://www.suse.com/security/cve/CVE-2020-16120/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-24490 page",
"url": "https://www.suse.com/security/cve/CVE-2020-24490/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25212 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25212/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25285 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25285/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25641 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25641/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25643 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25643/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25645 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25645/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25656 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25656/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25668 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25668/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25704 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25704/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25705 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25705/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8694 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8694/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2020-11-29T15:25:26Z",
"generator": {
"date": "2020-11-29T15:25:26Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2020:2112-1",
"initial_release_date": "2020-11-29T15:25:26Z",
"revision_history": [
{
"date": "2020-11-29T15:25:26Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"product": {
"name": "kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"product_id": "kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"product": {
"name": "kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"product_id": "kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.2",
"product": {
"name": "openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64"
},
"product_reference": "kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64"
},
"product_reference": "kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-12351",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-12351"
}
],
"notes": [
{
"category": "general",
"text": "Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-12351",
"url": "https://www.suse.com/security/cve/CVE-2020-12351"
},
{
"category": "external",
"summary": "SUSE Bug 1177724 for CVE-2020-12351",
"url": "https://bugzilla.suse.com/1177724"
},
{
"category": "external",
"summary": "SUSE Bug 1177729 for CVE-2020-12351",
"url": "https://bugzilla.suse.com/1177729"
},
{
"category": "external",
"summary": "SUSE Bug 1178397 for CVE-2020-12351",
"url": "https://bugzilla.suse.com/1178397"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-29T15:25:26Z",
"details": "important"
}
],
"title": "CVE-2020-12351"
},
{
"cve": "CVE-2020-12352",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-12352"
}
],
"notes": [
{
"category": "general",
"text": "Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-12352",
"url": "https://www.suse.com/security/cve/CVE-2020-12352"
},
{
"category": "external",
"summary": "SUSE Bug 1177725 for CVE-2020-12352",
"url": "https://bugzilla.suse.com/1177725"
},
{
"category": "external",
"summary": "SUSE Bug 1178398 for CVE-2020-12352",
"url": "https://bugzilla.suse.com/1178398"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-29T15:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2020-12352"
},
{
"cve": "CVE-2020-14351",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-14351"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel. A use-after-free memory flaw was found in the perf subsystem allowing a local attacker with permission to monitor perf events to corrupt memory and possibly escalate privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-14351",
"url": "https://www.suse.com/security/cve/CVE-2020-14351"
},
{
"category": "external",
"summary": "SUSE Bug 1177086 for CVE-2020-14351",
"url": "https://bugzilla.suse.com/1177086"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-29T15:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2020-14351"
},
{
"cve": "CVE-2020-16120",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-16120"
}
],
"notes": [
{
"category": "general",
"text": "Overlayfs did not properly perform permission checking when copying up files in an overlayfs and could be exploited from within a user namespace, if, for example, unprivileged user namespaces were allowed. It was possible to have a file not readable by an unprivileged user to be copied to a mountpoint controlled by the user, like a removable device. This was introduced in kernel version 4.19 by commit d1d04ef (\"ovl: stack file ops\"). This was fixed in kernel version 5.8 by commits 56230d9 (\"ovl: verify permissions in ovl_path_open()\"), 48bd024 (\"ovl: switch to mounter creds in readdir\") and 05acefb (\"ovl: check permission to open real file\"). Additionally, commits 130fdbc (\"ovl: pass correct flags for opening real directory\") and 292f902 (\"ovl: call secutiry hook in ovl_real_ioctl()\") in kernel 5.8 might also be desired or necessary. These additional commits introduced a regression in overlay mounts within user namespaces which prevented access to files with ownership outside of the user namespace. This regression was mitigated by subsequent commit b6650da (\"ovl: do not fail because of O_NOATIMEi\") in kernel 5.11.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-16120",
"url": "https://www.suse.com/security/cve/CVE-2020-16120"
},
{
"category": "external",
"summary": "SUSE Bug 1177470 for CVE-2020-16120",
"url": "https://bugzilla.suse.com/1177470"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-29T15:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2020-16120"
},
{
"cve": "CVE-2020-24490",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-24490"
}
],
"notes": [
{
"category": "general",
"text": "Improper buffer restrictions in BlueZ may allow an unauthenticated user to potentially enable denial of service via adjacent access. This affects all Linux kernel versions that support BlueZ.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-24490",
"url": "https://www.suse.com/security/cve/CVE-2020-24490"
},
{
"category": "external",
"summary": "SUSE Bug 1177726 for CVE-2020-24490",
"url": "https://bugzilla.suse.com/1177726"
},
{
"category": "external",
"summary": "SUSE Bug 1177727 for CVE-2020-24490",
"url": "https://bugzilla.suse.com/1177727"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-29T15:25:26Z",
"details": "important"
}
],
"title": "CVE-2020-24490"
},
{
"cve": "CVE-2020-25212",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25212"
}
],
"notes": [
{
"category": "general",
"text": "A TOCTOU mismatch in the NFS client code in the Linux kernel before 5.8.3 could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c, aka CID-b4487b935452.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25212",
"url": "https://www.suse.com/security/cve/CVE-2020-25212"
},
{
"category": "external",
"summary": "SUSE Bug 1176381 for CVE-2020-25212",
"url": "https://bugzilla.suse.com/1176381"
},
{
"category": "external",
"summary": "SUSE Bug 1176382 for CVE-2020-25212",
"url": "https://bugzilla.suse.com/1176382"
},
{
"category": "external",
"summary": "SUSE Bug 1177027 for CVE-2020-25212",
"url": "https://bugzilla.suse.com/1177027"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-29T15:25:26Z",
"details": "important"
}
],
"title": "CVE-2020-25212"
},
{
"cve": "CVE-2020-25285",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25285"
}
],
"notes": [
{
"category": "general",
"text": "A race condition between hugetlb sysctl handlers in mm/hugetlb.c in the Linux kernel before 5.8.8 could be used by local attackers to corrupt memory, cause a NULL pointer dereference, or possibly have unspecified other impact, aka CID-17743798d812.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25285",
"url": "https://www.suse.com/security/cve/CVE-2020-25285"
},
{
"category": "external",
"summary": "SUSE Bug 1176485 for CVE-2020-25285",
"url": "https://bugzilla.suse.com/1176485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-29T15:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2020-25285"
},
{
"cve": "CVE-2020-25641",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25641"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s implementation of biovecs in versions before 5.9-rc7. A zero-length biovec request issued by the block subsystem could cause the kernel to enter an infinite loop, causing a denial of service. This flaw allows a local attacker with basic privileges to issue requests to a block device, resulting in a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25641",
"url": "https://www.suse.com/security/cve/CVE-2020-25641"
},
{
"category": "external",
"summary": "SUSE Bug 1177121 for CVE-2020-25641",
"url": "https://bugzilla.suse.com/1177121"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-29T15:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2020-25641"
},
{
"cve": "CVE-2020-25643",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25643"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow is caused by improper input validation in the ppp_cp_parse_cr function which can cause the system to crash or cause a denial of service. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25643",
"url": "https://www.suse.com/security/cve/CVE-2020-25643"
},
{
"category": "external",
"summary": "SUSE Bug 1177206 for CVE-2020-25643",
"url": "https://bugzilla.suse.com/1177206"
},
{
"category": "external",
"summary": "SUSE Bug 1177226 for CVE-2020-25643",
"url": "https://bugzilla.suse.com/1177226"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-29T15:25:26Z",
"details": "important"
}
],
"title": "CVE-2020-25643"
},
{
"cve": "CVE-2020-25645",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25645"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel in versions before 5.9-rc7. Traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by the GENEVE tunnel allowing anyone between the two endpoints to read the traffic unencrypted. The main threat from this vulnerability is to data confidentiality.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25645",
"url": "https://www.suse.com/security/cve/CVE-2020-25645"
},
{
"category": "external",
"summary": "SUSE Bug 1177511 for CVE-2020-25645",
"url": "https://bugzilla.suse.com/1177511"
},
{
"category": "external",
"summary": "SUSE Bug 1177513 for CVE-2020-25645",
"url": "https://bugzilla.suse.com/1177513"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-29T15:25:26Z",
"details": "important"
}
],
"title": "CVE-2020-25645"
},
{
"cve": "CVE-2020-25656",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25656"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel. A use-after-free was found in the way the console subsystem was using ioctls KDGKBSENT and KDSKBSENT. A local user could use this flaw to get read memory access out of bounds. The highest threat from this vulnerability is to data confidentiality.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25656",
"url": "https://www.suse.com/security/cve/CVE-2020-25656"
},
{
"category": "external",
"summary": "SUSE Bug 1177766 for CVE-2020-25656",
"url": "https://bugzilla.suse.com/1177766"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-29T15:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2020-25656"
},
{
"cve": "CVE-2020-25668",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25668"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25668",
"url": "https://www.suse.com/security/cve/CVE-2020-25668"
},
{
"category": "external",
"summary": "SUSE Bug 1178123 for CVE-2020-25668",
"url": "https://bugzilla.suse.com/1178123"
},
{
"category": "external",
"summary": "SUSE Bug 1178622 for CVE-2020-25668",
"url": "https://bugzilla.suse.com/1178622"
},
{
"category": "external",
"summary": "SUSE Bug 1196914 for CVE-2020-25668",
"url": "https://bugzilla.suse.com/1196914"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-29T15:25:26Z",
"details": "important"
}
],
"title": "CVE-2020-25668"
},
{
"cve": "CVE-2020-25704",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25704"
}
],
"notes": [
{
"category": "general",
"text": "A flaw memory leak in the Linux kernel performance monitoring subsystem was found in the way if using PERF_EVENT_IOC_SET_FILTER. A local user could use this flaw to starve the resources causing denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25704",
"url": "https://www.suse.com/security/cve/CVE-2020-25704"
},
{
"category": "external",
"summary": "SUSE Bug 1178393 for CVE-2020-25704",
"url": "https://bugzilla.suse.com/1178393"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-29T15:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2020-25704"
},
{
"cve": "CVE-2020-25705",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25705"
}
],
"notes": [
{
"category": "general",
"text": "A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well on the Linux Based Products (RUGGEDCOM RM1224: All versions between v5.0 and v6.4, SCALANCE M-800: All versions between v5.0 and v6.4, SCALANCE S615: All versions between v5.0 and v6.4, SCALANCE SC-600: All versions prior to v2.1.3, SCALANCE W1750D: v8.3.0.1, v8.6.0, and v8.7.0, SIMATIC Cloud Connect 7: All versions, SIMATIC MV500 Family: All versions, SIMATIC NET CP 1243-1 (incl. SIPLUS variants): Versions 3.1.39 and later, SIMATIC NET CP 1243-7 LTE EU: Version",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25705",
"url": "https://www.suse.com/security/cve/CVE-2020-25705"
},
{
"category": "external",
"summary": "SUSE Bug 1175721 for CVE-2020-25705",
"url": "https://bugzilla.suse.com/1175721"
},
{
"category": "external",
"summary": "SUSE Bug 1178782 for CVE-2020-25705",
"url": "https://bugzilla.suse.com/1178782"
},
{
"category": "external",
"summary": "SUSE Bug 1178783 for CVE-2020-25705",
"url": "https://bugzilla.suse.com/1178783"
},
{
"category": "external",
"summary": "SUSE Bug 1191790 for CVE-2020-25705",
"url": "https://bugzilla.suse.com/1191790"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-29T15:25:26Z",
"details": "important"
}
],
"title": "CVE-2020-25705"
},
{
"cve": "CVE-2020-8694",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8694"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient access control in the Linux kernel driver for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8694",
"url": "https://www.suse.com/security/cve/CVE-2020-8694"
},
{
"category": "external",
"summary": "SUSE Bug 1170415 for CVE-2020-8694",
"url": "https://bugzilla.suse.com/1170415"
},
{
"category": "external",
"summary": "SUSE Bug 1170446 for CVE-2020-8694",
"url": "https://bugzilla.suse.com/1170446"
},
{
"category": "external",
"summary": "SUSE Bug 1178591 for CVE-2020-8694",
"url": "https://bugzilla.suse.com/1178591"
},
{
"category": "external",
"summary": "SUSE Bug 1178700 for CVE-2020-8694",
"url": "https://bugzilla.suse.com/1178700"
},
{
"category": "external",
"summary": "SUSE Bug 1179661 for CVE-2020-8694",
"url": "https://bugzilla.suse.com/1179661"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.50.1.lp152.8.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-29T15:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2020-8694"
}
]
}
OPENSUSE-SU-2020:2161-1
Vulnerability from csaf_opensuse - Published: 2020-12-04 22:35 - Updated: 2020-12-04 22:35Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch:
The openSUSE Leap 15.2 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2020-29369: There was a race condition between certain expand functions (expand_downwards and expand_upwards) and page-table free operations from an munmap call, aka CID-246c320a8cfe (bnc#1173504 bnc#1179432).
- CVE-2020-29371: An issue was discovered in romfs_dev_read in fs/romfs/storage.c, where uninitialized memory could leak to userspace, aka CID-bcf85fcedfdd (bnc#1179429).
- CVE-2020-15436: Use-after-free vulnerability in fs/block_dev.c allowed local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field (bnc#1179141).
- CVE-2020-25705: A flaw in the way reply ICMP packets are limited was found that allowed to quickly scan open UDP ports. This flaw allowed an off-path remote user to effectively bypassing source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software that relies on UDP source port randomization are indirectly affected as well. Kernel versions may be vulnerable to this issue (bnc#1175721 bnc#1178782).
- CVE-2020-15437: The Linux kernel was vulnerable to a NULL pointer dereference in drivers/tty/serial/8250/8250_core.c:serial8250_isa_init_ports() that allowed local users to cause a denial of service by using the p->serial_in pointer which uninitialized (bnc#1179140).
- CVE-2020-27777: Restricted RTAS requests from userspace (bsc#1179107).
- CVE-2020-28974: A slab-out-of-bounds read in fbcon could be used by local attackers to read privileged information or potentially crash the kernel, aka CID-3c4e0dff2095. This occurs because KD_FONT_OP_COPY in drivers/tty/vt/vt.c can be used for manipulations such as font height (bnc#1178589).
- CVE-2020-4788: IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296 (bnc#1177666).
- CVE-2020-28941: Local attackers on systems with the speakup driver could cause a local denial of service attack, aka CID-d41227544427. This occurs because of an invalid free when the line discipline is used more than once (bnc#1178740).
- CVE-2020-28915: A buffer over-read (at the framebuffer layer) in the fbcon code could be used by local attackers to read kernel memory, aka CID-6735b4632def (bnc#1178886).
- CVE-2020-25669: Avoid a use-after-free in teardown paths in sunkbd (bsc#1178182).
The following non-security bugs were fixed:
- 9P: Cast to loff_t before multiplying (git-fixes).
- ACPI: GED: fix -Wformat (git-fixes).
- ACPI: NFIT: Fix comparison to '-ENXIO' (git-fixes).
- ACPI: button: Add DMI quirk for Medion Akoya E2228T (git-fixes).
- ACPI: dock: fix enum-conversion warning (git-fixes).
- ACPICA: Add NHLT table signature (bsc#1176200).
- ALSA: ctl: fix error path at adding user-defined element set (git-fixes).
- ALSA: firewire: Clean up a locking issue in copy_resp_to_buf() (git-fixes).
- ALSA: hda/realtek - Add supported for Lenovo ThinkPad Headset Button (git-fixes).
- ALSA: hda/realtek - Add supported mute Led for HP (git-fixes).
- ALSA: hda/realtek - HP Headset Mic can't detect after boot (git-fixes).
- ALSA: hda/realtek: Add some Clove SSID in the ALC293(ALC1220) (git-fixes).
- ALSA: hda: Reinstate runtime_allow() for all hda controllers (git-fixes).
- ALSA: hda: fix jack detection with Realtek codecs when in D3 (git-fixes).
- ALSA: mixart: Fix mutex deadlock (git-fixes).
- ALSA: usb-audio: Add delay quirk for all Logitech USB devices (git-fixes).
- ASoC: qcom: lpass-platform: Fix memory leak (git-fixes).
- Add bug reference to two hv_netvsc patches (bsc#1178853).
- Convert trailing spaces and periods in path components (bsc#1179424).
- Documentation/admin-guide/module-signing.rst: add openssl command option example for CodeSign EKU (bsc#1177353, bsc#1179076).
- Drop sysctl files for dropped archs, add ppc64le and arm (bsc#1178838). Also correct the page size on ppc64.
- EDAC/amd64: Cache secondary Chip Select registers (bsc#1179001).
- EDAC/amd64: Find Chip Select memory size using Address Mask (bsc#1179001).
- EDAC/amd64: Gather hardware information early (bsc#1179001).
- EDAC/amd64: Initialize DIMM info for systems with more than two channels (bsc#1179001).
- EDAC/amd64: Make struct amd64_family_type global (bsc#1179001).
- EDAC/amd64: Save max number of controllers to family type (bsc#1179001).
- EDAC/amd64: Support asymmetric dual-rank DIMMs (bsc#1179001).
- Fix wrongly set CONFIG_SOUNDWIRE=y (bsc#1179201) CONFIG_SOUNDWIRE was mistakenly set as built-in. Mark it as module.
- HID: logitech-dj: Fix Dinovo Mini when paired with a MX5x00 receiver (git-fixes).
- HID: logitech-dj: Fix an error in mse_bluetooth_descriptor (git-fixes).
- HID: logitech-dj: Handle quad/bluetooth keyboards with a builtin trackpad (git-fixes).
- HID: logitech-hidpp: Add PID for MX Anywhere 2 (git-fixes).
- Input: adxl34x - clean up a data type in adxl34x_probe() (git-fixes).
- Input: resistive-adc-touch - fix kconfig dependency on IIO_BUFFER (git-fixes).
- KVM: arm64: ARM_SMCCC_ARCH_WORKAROUND_1 does not return SMCCC_RET_NOT_REQUIRED (git-fixes).
- NFS: only invalidate dentrys that are clearly invalid (bsc#1178669 bsc#1170139).
- NFSv4.x recover from pre-mature loss of openstateid (bsc#1176180).
- NFSv4: Handle NFS4ERR_OLD_STATEID in CLOSE/OPEN_DOWNGRADE (bsc#1176180).
- NFSv4: Wait for stateid updates after CLOSE/OPEN_DOWNGRADE (bsc#1176180).
- RDMA/hns: Fix retry_cnt and rnr_cnt when querying QP (jsc#SLE-8449).
- RDMA/hns: Fix the wrong value of rnr_retry when querying qp (jsc#SLE-8449).
- RDMA/hns: Fix wrong field of SRQ number the device supports (jsc#SLE-8449).
- RDMA/hns: Solve the overflow of the calc_pg_sz() (jsc#SLE-8449).
- RDMA/mlx5: Fix devlink deadlock on net namespace deletion (jsc#SLE-8464).
- RDMA/qedr: Fix return code if accept is called on a destroyed qp (jsc#SLE-8215).
- RDMA/ucma: Add missing locking around rdma_leave_multicast() (git-fixes).
- Revert 'cdc-acm: hardening against malicious devices' (git-fixes).
- Revert 'kernel/reboot.c: convert simple_strtoul to kstrtoint' (git-fixes).
- SUNRPC: Fix general protection fault in trace_rpc_xdr_overflow() (git-fixes).
- SUNRPC: fix copying of multiple pages in gss_read_proxy_verf() (bsc#1154353).
- USB: Add NO_LPM quirk for Kingston flash drive (git-fixes).
- USB: core: Change %pK for __user pointers to %px (git-fixes).
- USB: core: Fix regression in Hercules audio card (git-fixes).
- USB: serial: option: add LE910Cx compositions 0x1203, 0x1230, 0x1231 (git-fixes).
- USB: serial: option: add Quectel EC200T module support (git-fixes).
- USB: serial: option: add Telit FN980 composition 0x1055 (git-fixes).
- arm64: Run ARCH_WORKAROUND_1 enabling code on all CPUs (git-fixes).
- arm64: Run ARCH_WORKAROUND_2 enabling code on all CPUs (git-fixes).
- arm64: bpf: Fix branch offset in JIT (git-fixes).
- arm64: dts: allwinner: Pine H64: Enable both RGMII RX/TX delay (git-fixes).
- arm64: dts: allwinner: a64: OrangePi Win: Fix ethernet node (git-fixes).
- arm64: dts: allwinner: a64: Pine64 Plus: Fix ethernet node (git-fixes).
- arm64: dts: allwinner: a64: bananapi-m64: Enable RGMII RX/TX delay on PHY (git-fixes).
- arm64: dts: allwinner: beelink-gs1: Enable both RGMII RX/TX delay (git-fixes).
- arm64: dts: allwinner: h5: OrangePi PC2: Fix ethernet node (git-fixes).
- arm64: dts: allwinner: h5: OrangePi Prime: Fix ethernet node (git-fixes).
- arm64: dts: fsl: DPAA FMan DMA operations are coherent (git-fixes).
- arm64: dts: imx8mm: fix voltage for 1.6GHz CPU operating point (git-fixes).
- arm64: dts: imx8mq: Add missing interrupts to GPC (git-fixes).
- arm64: dts: imx8mq: Fix TMU interrupt property (git-fixes).
- arm64: dts: zynqmp: Remove additional compatible string for i2c IPs (git-fixes).
- arm64: kprobe: add checks for ARMv8.3-PAuth combined instructions (git-fixes).
- arm64: tegra: Add missing timeout clock to Tegra186 SDMMC nodes (git-fixes).
- arm64: tegra: Add missing timeout clock to Tegra194 SDMMC nodes (git-fixes).
- arm64: tegra: Add missing timeout clock to Tegra210 SDMMC (git-fixes).
- arm64: vdso: Add '-Bsymbolic' to ldflags (git-fixes).
- arm64: vdso: Add --eh-frame-hdr to ldflags (git-fixes).
- batman-adv: set .owner to THIS_MODULE (git-fixes).
- bnxt_en: Avoid sending firmware messages when AER error is detected (jsc#SLE-8371 bsc#1153274).
- bnxt_en: Check abort error state in bnxt_open_nic() (jsc#SLE-8371 bsc#1153274).
- bnxt_en: Fix NULL ptr dereference crash in bnxt_fw_reset_task() (jsc#SLE-8371 bsc#1153274).
- bnxt_en: Fix regression in workqueue cleanup logic in bnxt_remove_one() (jsc#SLE-8371 bsc#1153274).
- bnxt_en: Invoke cancel_delayed_work_sync() for PFs also (jsc#SLE-8371 bsc#1153274).
- bnxt_en: Send HWRM_FUNC_RESET fw command unconditionally (jsc#SLE-8371 bsc#1153274).
- bnxt_en: return proper error codes in bnxt_show_temp (git-fixes).
- bpf: Do not rely on GCC __attribute__((optimize)) to disable GCSE (bsc#1155518).
- bpf: Fix comment for helper bpf_current_task_under_cgroup() (bsc#1155518).
- bpf: Zero-fill re-used per-cpu map element (bsc#1155518).
- btrfs: fix bytes_may_use underflow in prealloc error condtition (bsc#1179217).
- btrfs: fix metadata reservation for fallocate that leads to transaction aborts (bsc#1179217).
- btrfs: fix relocation failure due to race with fallocate (bsc#1179217).
- btrfs: remove item_size member of struct btrfs_clone_extent_info (bsc#1179217).
- btrfs: rename btrfs_insert_clone_extent() to a more generic name (bsc#1179217).
- btrfs: rename btrfs_punch_hole_range() to a more generic name (bsc#1179217).
- btrfs: rename struct btrfs_clone_extent_info to a more generic name (bsc#1179217).
- can: af_can: prevent potential access of uninitialized member in can_rcv() (git-fixes).
- can: af_can: prevent potential access of uninitialized member in canfd_rcv() (git-fixes).
- can: dev: can_restart(): post buffer from the right context (git-fixes).
- can: flexcan: flexcan_setup_stop_mode(): add missing 'req_bit' to stop mode property comment (git-fixes).
- can: gs_usb: fix endianess problem with candleLight firmware (git-fixes).
- can: kvaser_usb: kvaser_usb_hydra: Fix KCAN bittiming limits (git-fixes).
- can: m_can: fix nominal bitiming tseg2 min for version >= 3.1 (git-fixes).
- can: m_can: m_can_handle_state_change(): fix state change (git-fixes).
- can: m_can: m_can_stop(): set device to software init mode before closing (git-fixes).
- can: mcba_usb: mcba_usb_start_xmit(): first fill skb, then pass to can_put_echo_skb() (git-fixes).
- can: peak_usb: fix potential integer overflow on shift of a int (git-fixes).
- ceph: add check_session_state() helper and make it global (bsc#1179012).
- ceph: check session state after bumping session->s_seq (bsc#1179012).
- ceph: check the sesion state and return false in case it is closed (bsc#1179012).
- ceph: downgrade warning from mdsmap decode to debug (bsc#1178653).
- ceph: fix race in concurrent __ceph_remove_cap invocations (bsc#1178635).
- cfg80211: initialize wdev data earlier (git-fixes).
- cfg80211: regulatory: Fix inconsistent format argument (git-fixes).
- cifs: Fix incomplete memory allocation on setxattr path (bsc#1179211).
- cifs: Return the error from crypt_message when enc/dec key not found (bsc#1179426).
- cifs: remove bogus debug code (bsc#1179427).
- clk: define to_clk_regmap() as inline function (git-fixes).
- cosa: Add missing kfree in error path of cosa_write (git-fixes).
- dax: Fix stack overflow when mounting fsdax pmem device (bsc#1171073).
- dax: fix detection of dax support for non-persistent memory block devices (bsc#1171073).
- devlink: Make sure devlink instance and port are in same net namespace (bsc#1154353).
- docs: ABI: sysfs-c2port: remove a duplicated entry (git-fixes).
- drbd: code cleanup by using sendpage_ok() to check page for kernel_sendpage() (bsc#1172873).
- drivers/net/ethernet: remove incorrectly formatted doc (bsc#1177397).
- efi/efivars: Set generic ops before loading SSDT (git-fixes).
- efi/esrt: Fix reference count leak in esre_create_sysfs_entry (git-fixes).
- efi/libstub/x86: Work around LLVM ELF quirk build regression (git-fixes).
- efi/x86: Align GUIDs to their size in the mixed mode runtime wrapper (git-fixes).
- efi/x86: Do not panic or BUG() on non-critical error conditions (git-fixes).
- efi/x86: Fix the deletion of variables in mixed mode (git-fixes).
- efi/x86: Free efi_pgd with free_pages() (git-fixes).
- efi/x86: Handle by-ref arguments covering multiple pages in mixed mode (git-fixes).
- efi/x86: Ignore the memory attributes table on i386 (git-fixes).
- efi/x86: Map the entire EFI vendor string before copying it (git-fixes).
- efi: EFI_EARLYCON should depend on EFI (git-fixes).
- efi: add missed destroy_workqueue when efisubsys_init fails (git-fixes).
- efi: efibc: check for efivars write capability (git-fixes).
- efi: provide empty efi_enter_virtual_mode implementation (git-fixes).
- efivarfs: fix memory leak in efivarfs_create() (git-fixes).
- efivarfs: revert 'fix memory leak in efivarfs_create()' (git-fixes).
- fbdev, newport_con: Move FONT_EXTRA_WORDS macros into linux/font.h (git-fixes).
- ftrace: Fix recursion check for NMI test (git-fixes).
- ftrace: Handle tracing when switching between context (git-fixes).
- futex: Do not enable IRQs unconditionally in put_pi_state() (bsc#1149032).
- futex: Handle transient 'ownerless' rtmutex state correctly (bsc#1149032).
- gpio: pcie-idio-24: Enable PEX8311 interrupts (git-fixes).
- gpio: pcie-idio-24: Fix IRQ Enable Register value (git-fixes).
- gpio: pcie-idio-24: Fix irq mask when masking (git-fixes).
- hv: clocksource: Add notrace attribute to read_hv_sched_clock_*() functions (git-fixes).
- hv_balloon: disable warning when floor reached (git-fixes).
- hv_netvsc: Add XDP support (bsc#1177820).
- hv_netvsc: Fix XDP refcnt for synthetic and VF NICs (bsc#1177820).
- hv_netvsc: make recording RSS hash depend on feature flag (bsc#1177820).
- hv_netvsc: record hardware hash in skb (bsc#1177820).
- hwmon: (pwm-fan) Fix RPM calculation (git-fixes).
- i2c: mediatek: move dma reset before i2c reset (git-fixes).
- i2c: sh_mobile: implement atomic transfers (git-fixes).
- igc: Fix not considering the TX delay for timestamps (bsc#1160634).
- igc: Fix wrong timestamp latency numbers (bsc#1160634).
- iio: accel: kxcjk1013: Add support for KIOX010A ACPI DSM for setting tablet-mode (git-fixes).
- iio: accel: kxcjk1013: Replace is_smo8500_device with an acpi_type enum (git-fixes).
- iio: adc: mediatek: fix unset field (git-fixes).
- iio: light: fix kconfig dependency bug for VCNL4035 (git-fixes).
- intel_idle: Customize IceLake server support (bsc#1178286).
- ionic: check port ptr before use (bsc#1167773).
- iwlwifi: mvm: write queue_sync_state only for sync (git-fixes).
- kABI workaround for HD-audio (git-fixes).
- kABI: revert use_mm name change (MM Functionality, bsc#1178426).
- kernel-source.spec: Fix build with rpm 4.16 (boo#1179015).
- kernel-{binary,source}.spec.in: do not create loop symlinks (bsc#1179082)
- kernel/watchdog: fix watchdog_allowed_mask not used warning (git-fixes).
- kernel: better document the use_mm/unuse_mm API contract (MM Functionality, bsc#1178426).
- kgdb: Fix spurious true from in_dbg_master() (git-fixes).
- kthread_worker: prevent queuing delayed work from timer_fn when it is being canceled (git-fixes).
- lan743x: fix 'BUG: invalid wait context' when setting rx mode (git-fixes).
- lan743x: fix issue causing intermittent kernel log warnings (git-fixes).
- lan743x: prevent entire kernel HANG on open, for some platforms (git-fixes).
- lib/crc32test: remove extra local_irq_disable/enable (git-fixes).
- lib/strncpy_from_user.c: Mask out bytes after NUL terminator (bsc#1155518).
- libbpf, hashmap: Fix undefined behavior in hash_bits (bsc#1155518).
- libceph: use sendpage_ok() in ceph_tcp_sendpage() (bsc#1172873).
- libnvdimm/nvdimm/flush: Allow architecture to override the flush barrier (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
- mac80211: always wind down STA state (git-fixes).
- mac80211: fix use of skb payload instead of header (git-fixes).
- mac80211: free sta in sta_info_insert_finish() on errors (git-fixes).
- mac80211: minstrel: fix tx status processing corner case (git-fixes).
- mac80211: minstrel: remove deferred sampling code (git-fixes).
- mei: protect mei_cl_mtu from null dereference (git-fixes).
- memcg: fix NULL pointer dereference in __mem_cgroup_usage_unregister_event (bsc#1177703).
- mfd: sprd: Add wakeup capability for PMIC IRQ (git-fixes).
- mm, THP, swap: fix allocating cluster for swapfile by mistake (bsc#1178755).
- mm, memcg: fix inconsistent oom event behavior (bsc#1178659).
- mm/gup: allow FOLL_FORCE for get_user_pages_fast() (git fixes (mm/gup)).
- mm/gup: fix gup_fast with dynamic page table folding (bnc#1176586, LTC#188235).
- mm/ksm: fix NULL pointer dereference when KSM zero page is enabled (git fixes (mm/ksm)).
- mm/memcg: fix refcount error while moving and swapping (bsc#1178686).
- mm/memcontrol.c: add missed css_put() (bsc#1178661).
- mm: fix exec activate_mm vs TLB shootdown and lazy tlb switching race (MM Functionality, bsc#1178426).
- mm: fix kthread_use_mm() vs TLB invalidate (MM Functionality, bsc#1178426).
- mm: mempolicy: require at least one nodeid for MPOL_PREFERRED (git fixes (mm/mempolicy)).
- mm: swap: make page_evictable() inline (git fixes (mm/vmscan)).
- mm: swap: use smp_mb__after_atomic() to order LRU bit set (git fixes (mm/vmscan)).
- mmc: renesas_sdhi_core: Add missing tmio_mmc_host_free() at remove (git-fixes).
- mmc: sdhci-of-esdhc: Handle pulse width detection erratum for more SoCs (git-fixes).
- mmc: sdhci-pci: Prefer SDR25 timing for High Speed mode for BYT-based Intel controllers (git-fixes).
- modsign: Add codeSigning EKU when generating X.509 key generation config (bsc#1177353, bsc#1179076).
- net/mlx5: Clear bw_share upon VF disable (jsc#SLE-8464).
- net/mlx5: E-Switch, Fail mlx5_esw_modify_vport_rate if qos disabled (jsc#SLE-8464).
- net: add WARN_ONCE in kernel_sendpage() for improper zero-copy send (bsc#1172873).
- net: ena: Capitalize all log strings and improve code readability (bsc#1177397).
- net: ena: Change RSS related macros and variables names (bsc#1177397).
- net: ena: Change license into format to SPDX in all files (bsc#1177397).
- net: ena: Change log message to netif/dev function (bsc#1177397).
- net: ena: Fix all static chekers' warnings (bsc#1177397).
- net: ena: Remove redundant print of placement policy (bsc#1177397).
- net: ena: ethtool: Add new device statistics (bsc#1177397).
- net: ena: ethtool: add stats printing to XDP queues (bsc#1177397).
- net: ena: ethtool: convert stat_offset to 64 bit resolution (bsc#1177397).
- net: ena: fix packet's addresses for rx_offset feature (bsc#1174852).
- net: ena: handle bad request id in ena_netdev (bsc#1174852).
- net: ena: xdp: add queue counters for xdp actions (bsc#1177397).
- net: fix pos incrementment in ipv6_route_seq_next (bsc#1154353).
- net: introduce helper sendpage_ok() in include/linux/net.h (bsc#1172873).
- net: usb: qmi_wwan: add Telit LE910Cx 0x1230 composition (git-fixes).
- nfc: s3fwrn5: use signed integer for parsing GPIO numbers (git-fixes).
- nvme-tcp: check page by sendpage_ok() before calling kernel_sendpage() (bsc#1172873).
- nvme: do not update disk info for multipathed device (bsc#1171558).
- pinctrl: amd: fix incorrect way to disable debounce filter (git-fixes).
- pinctrl: amd: use higher precision for 512 RtcClk (git-fixes).
- pinctrl: aspeed: Fix GPI only function problem (git-fixes).
- pinctrl: intel: Set default bias in case no particular value given (git-fixes).
- platform/x86: thinkpad_acpi: Send tablet mode switch at wakeup time (git-fixes).
- platform/x86: toshiba_acpi: Fix the wrong variable assignment (git-fixes).
- powerpc/64s/radix: Fix mm_cpumask trimming race vs kthread_use_mm (MM Functionality, bsc#1178426).
- powerpc/perf: consolidate GPCI hcall structs into asm/hvcall.h (jsc#SLE-16360 jsc#SLE-16915).
- powerpc/pmem: Add flush routines using new pmem store and sync instruction (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
- powerpc/pmem: Add new instructions for persistent storage and sync (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
- powerpc/pmem: Avoid the barrier in flush routines (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
- powerpc/pmem: Initialize pmem device on newer hardware (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
- powerpc/pmem: Restrict papr_scm to P8 and above (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
- powerpc/pmem: Update ppc64 to use the new barrier instruction (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
- powerpc/pseries: Add KVM guest doorbell restrictions (jsc#SLE-15869 jsc#SLE-16321).
- powerpc/pseries: Use doorbells even if XIVE is available (jsc#SLE-15869 jsc#SLE-16321).
- powerpc/pseries: new lparcfg key/value pair: partition_affinity_score (jsc#SLE-16360 jsc#SLE-16915).
- powerpc/vnic: Extend 'failover pending' window (bsc#1176855 ltc#187293).
- powerpc: Inline doorbell sending functions (jsc#SLE-15869 jsc#SLE-16321).
- powerpc: select ARCH_WANT_IRQS_OFF_ACTIVATE_MM (MM Functionality, bsc#1178426).
- qla2xxx: Add MODULE_VERSION back to driver (bsc#1179160).
- reboot: fix overflow parsing reboot cpu number (git-fixes).
- regulator: avoid resolve_supply() infinite recursion (git-fixes).
- regulator: fix memory leak with repeated set_machine_constraints() (git-fixes).
- regulator: pfuze100: limit pfuze-support-disable-sw to pfuze{100,200} (git-fixes).
- regulator: ti-abb: Fix array out of bound read access on the first transition (git-fixes).
- regulator: workaround self-referent regulators (git-fixes).
- rfkill: Fix use-after-free in rfkill_resume() (git-fixes).
- ring-buffer: Fix recursion protection transitions between interrupt context (git-fixes).
- rpm/kernel-binary.spec.in: avoid using barewords (bsc#1179014)
- rpm/kernel-binary.spec.in: avoid using more barewords (bsc#1179014)
- rpm/kernel-binary.spec.in: use grep -E instead of egrep (bsc#1179045)
- rpm/kernel-obs-build.spec.in: Add -q option to modprobe calls (bsc#1178401)
- rpm/kernel-{source,binary}.spec: do not include ghost symlinks (boo#1179082).
- rpm/mkspec: do not build kernel-obs-build on x86_32 We want to use 64bit kernel due to various bugs (bsc#1178762 to name one).
- s390/bpf: Fix multiple tail calls (git-fixes).
- s390/cpum_cf,perf: change DFLT_CCERROR counter name (bsc#1175918 LTC#187935).
- s390/cpum_sf.c: fix file permission for cpum_sfb_size (git-fixes).
- s390/dasd: fix null pointer dereference for ERP requests (git-fixes).
- s390/pkey: fix paes selftest failure with paes and pkey static build (git-fixes).
- s390/zcrypt: Fix ZCRYPT_PERDEV_REQCNT ioctl (bsc#1177070 LTC#188342).
- s390/zcrypt: fix kmalloc 256k failure (bsc#1177066 LTC#188341).
- sched/fair: Ensure tasks spreading in LLC during LB (git fixes (sched)).
- sched/fair: Fix unthrottle_cfs_rq() for leaf_cfs_rq list (git fixes (sched)).
- sched: Fix loadavg accounting race on arm64 kabi (bnc#1178227).
- sched: Fix rq->nr_iowait ordering (git fixes (sched)).
- scripts/lib/SUSE/MyBS.pm: properly close prjconf Macros: section
- scsi: libiscsi: Fix NOP race condition (bsc#1176481).
- scsi: libiscsi: use sendpage_ok() in iscsi_tcp_segment_map() (bsc#1172873).
- spi: lpspi: Fix use-after-free on unbind (git-fixes).
- staging: rtl8723bs: Add 024c:0627 to the list of SDIO device-ids (git-fixes).
- svcrdma: fix bounce buffers for unaligned offsets and multiple pages (git-fixes).
- tcp: use sendpage_ok() to detect misused .sendpage (bsc#1172873).
- thunderbolt: Add the missed ida_simple_remove() in ring_request_msix() (git-fixes).
- thunderbolt: Fix memory leak if ida_simple_get() fails in enumerate_services() (git-fixes).
- timer: Fix wheel index calculation on last level (git-fixes).
- timer: Prevent base->clk from moving backward (git-fixes).
- tpm: efi: Do not create binary_bios_measurements file for an empty log (git-fixes).
- tpm_tis: Disable interrupts on ThinkPad T490s (git-fixes).
- tracing: Fix out of bounds write in get_trace_buf (git-fixes).
- tty: serial: fsl_lpuart: LS1021A had a FIFO size of 16 words, like LS1028A (git-fixes).
- tty: serial: fsl_lpuart: add LS1028A support (git-fixes).
- tty: serial: imx: fix potential deadlock (git-fixes).
- tty: serial: imx: keep console clocks always on (git-fixes).
- uio: Fix use-after-free in uio_unregister_device() (git-fixes).
- usb: cdc-acm: Add DISABLE_ECHO for Renesas USB Download mode (git-fixes).
- usb: core: driver: fix stray tabs in error messages (git-fixes).
- usb: gadget: Fix memleak in gadgetfs_fill_super (git-fixes).
- usb: gadget: f_midi: Fix memleak in f_midi_alloc (git-fixes).
- usb: gadget: goku_udc: fix potential crashes in probe (git-fixes).
- usb: host: fsl-mph-dr-of: check return of dma_set_mask() (git-fixes).
- usb: typec: tcpm: reset hard_reset_count for any disconnect (git-fixes).
- video: hyperv_fb: Fix the cache type when mapping the VRAM (git-fixes).
- video: hyperv_fb: include vmalloc.h (git-fixes).
- virtio: virtio_console: fix DMA memory allocation for rproc serial (git-fixes).
- vt: Disable KD_FONT_OP_COPY (bsc#1178589).
- x86/hyperv: Clarify comment on x2apic mode (git-fixes).
- x86/i8259: Use printk_deferred() to prevent deadlock (git-fixes).
- x86/microcode/intel: Check patch signature before saving microcode for early loading (bsc#1152489).
- x86/speculation: Allow IBPB to be conditionally enabled on CPUs with always-on STIBP (bsc#1152489).
- xfs: fix a missing unlock on error in xfs_fs_map_blocks (git-fixes).
- xfs: fix brainos in the refcount scrubber's rmap fragment processor (git-fixes).
- xfs: fix flags argument to rmap lookup when converting shared file rmaps (git-fixes).
- xfs: fix rmap key and record comparison functions (git-fixes).
- xfs: revert 'xfs: fix rmap key and record comparison functions' (git-fixes).
- xfs: set the unwritten bit in rmap lookup flags in xchk_bmap_get_rmapextents (git-fixes).
- xhci: Fix sizeof() mismatch (git-fixes).
- xhci: hisilicon: fix refercence leak in xhci_histb_probe (git-fixes).
Patchnames: openSUSE-2020-2161
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.4 (Medium)
Affected products
Recommended
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.54.1.lp152.8.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.54.1.lp152.8.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-5.3.18-lp152.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.54.1.lp152.8.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.54.1.lp152.8.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-5.3.18-lp152.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.54.1.lp152.8.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.54.1.lp152.8.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-5.3.18-lp152.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.4 (High)
Affected products
Recommended
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.54.1.lp152.8.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.54.1.lp152.8.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-5.3.18-lp152.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.4 (Medium)
Affected products
Recommended
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.54.1.lp152.8.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.54.1.lp152.8.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-5.3.18-lp152.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.1 (Medium)
Affected products
Recommended
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.54.1.lp152.8.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.54.1.lp152.8.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-5.3.18-lp152.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.54.1.lp152.8.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.54.1.lp152.8.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-5.3.18-lp152.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.1 (Medium)
Affected products
Recommended
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.54.1.lp152.8.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.54.1.lp152.8.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-5.3.18-lp152.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.54.1.lp152.8.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.54.1.lp152.8.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-5.3.18-lp152.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4 (Medium)
Affected products
Recommended
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.54.1.lp152.8.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.54.1.lp152.8.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-5.3.18-lp152.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.1 (Medium)
Affected products
Recommended
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.54.1.lp152.8.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.54.1.lp152.8.12.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-5.3.18-lp152.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.54.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.54.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
115 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\n\nThe openSUSE Leap 15.2 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2020-29369: There was a race condition between certain expand functions (expand_downwards and expand_upwards) and page-table free operations from an munmap call, aka CID-246c320a8cfe (bnc#1173504 bnc#1179432).\n- CVE-2020-29371: An issue was discovered in romfs_dev_read in fs/romfs/storage.c, where uninitialized memory could leak to userspace, aka CID-bcf85fcedfdd (bnc#1179429).\n- CVE-2020-15436: Use-after-free vulnerability in fs/block_dev.c allowed local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field (bnc#1179141).\n- CVE-2020-25705: A flaw in the way reply ICMP packets are limited was found that allowed to quickly scan open UDP ports. This flaw allowed an off-path remote user to effectively bypassing source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software that relies on UDP source port randomization are indirectly affected as well. Kernel versions may be vulnerable to this issue (bnc#1175721 bnc#1178782).\n- CVE-2020-15437: The Linux kernel was vulnerable to a NULL pointer dereference in drivers/tty/serial/8250/8250_core.c:serial8250_isa_init_ports() that allowed local users to cause a denial of service by using the p-\u003eserial_in pointer which uninitialized (bnc#1179140).\n- CVE-2020-27777: Restricted RTAS requests from userspace (bsc#1179107). \n- CVE-2020-28974: A slab-out-of-bounds read in fbcon could be used by local attackers to read privileged information or potentially crash the kernel, aka CID-3c4e0dff2095. This occurs because KD_FONT_OP_COPY in drivers/tty/vt/vt.c can be used for manipulations such as font height (bnc#1178589).\n- CVE-2020-4788: IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296 (bnc#1177666).\n- CVE-2020-28941: Local attackers on systems with the speakup driver could cause a local denial of service attack, aka CID-d41227544427. This occurs because of an invalid free when the line discipline is used more than once (bnc#1178740).\n- CVE-2020-28915: A buffer over-read (at the framebuffer layer) in the fbcon code could be used by local attackers to read kernel memory, aka CID-6735b4632def (bnc#1178886).\n- CVE-2020-25669: Avoid a use-after-free in teardown paths in sunkbd (bsc#1178182).\n\nThe following non-security bugs were fixed:\n\n- 9P: Cast to loff_t before multiplying (git-fixes).\n- ACPI: GED: fix -Wformat (git-fixes).\n- ACPI: NFIT: Fix comparison to \u0027-ENXIO\u0027 (git-fixes).\n- ACPI: button: Add DMI quirk for Medion Akoya E2228T (git-fixes).\n- ACPI: dock: fix enum-conversion warning (git-fixes).\n- ACPICA: Add NHLT table signature (bsc#1176200).\n- ALSA: ctl: fix error path at adding user-defined element set (git-fixes).\n- ALSA: firewire: Clean up a locking issue in copy_resp_to_buf() (git-fixes).\n- ALSA: hda/realtek - Add supported for Lenovo ThinkPad Headset Button (git-fixes).\n- ALSA: hda/realtek - Add supported mute Led for HP (git-fixes).\n- ALSA: hda/realtek - HP Headset Mic can\u0027t detect after boot (git-fixes).\n- ALSA: hda/realtek: Add some Clove SSID in the ALC293(ALC1220) (git-fixes).\n- ALSA: hda: Reinstate runtime_allow() for all hda controllers (git-fixes).\n- ALSA: hda: fix jack detection with Realtek codecs when in D3 (git-fixes).\n- ALSA: mixart: Fix mutex deadlock (git-fixes).\n- ALSA: usb-audio: Add delay quirk for all Logitech USB devices (git-fixes).\n- ASoC: qcom: lpass-platform: Fix memory leak (git-fixes).\n- Add bug reference to two hv_netvsc patches (bsc#1178853).\n- Convert trailing spaces and periods in path components (bsc#1179424).\n- Documentation/admin-guide/module-signing.rst: add openssl command option example for CodeSign EKU (bsc#1177353, bsc#1179076).\n- Drop sysctl files for dropped archs, add ppc64le and arm (bsc#1178838). Also correct the page size on ppc64.\n- EDAC/amd64: Cache secondary Chip Select registers (bsc#1179001).\n- EDAC/amd64: Find Chip Select memory size using Address Mask (bsc#1179001).\n- EDAC/amd64: Gather hardware information early (bsc#1179001).\n- EDAC/amd64: Initialize DIMM info for systems with more than two channels (bsc#1179001).\n- EDAC/amd64: Make struct amd64_family_type global (bsc#1179001).\n- EDAC/amd64: Save max number of controllers to family type (bsc#1179001).\n- EDAC/amd64: Support asymmetric dual-rank DIMMs (bsc#1179001).\n- Fix wrongly set CONFIG_SOUNDWIRE=y (bsc#1179201) CONFIG_SOUNDWIRE was mistakenly set as built-in. Mark it as module.\n- HID: logitech-dj: Fix Dinovo Mini when paired with a MX5x00 receiver (git-fixes).\n- HID: logitech-dj: Fix an error in mse_bluetooth_descriptor (git-fixes).\n- HID: logitech-dj: Handle quad/bluetooth keyboards with a builtin trackpad (git-fixes).\n- HID: logitech-hidpp: Add PID for MX Anywhere 2 (git-fixes).\n- Input: adxl34x - clean up a data type in adxl34x_probe() (git-fixes).\n- Input: resistive-adc-touch - fix kconfig dependency on IIO_BUFFER (git-fixes).\n- KVM: arm64: ARM_SMCCC_ARCH_WORKAROUND_1 does not return SMCCC_RET_NOT_REQUIRED (git-fixes).\n- NFS: only invalidate dentrys that are clearly invalid (bsc#1178669 bsc#1170139).\n- NFSv4.x recover from pre-mature loss of openstateid (bsc#1176180).\n- NFSv4: Handle NFS4ERR_OLD_STATEID in CLOSE/OPEN_DOWNGRADE (bsc#1176180).\n- NFSv4: Wait for stateid updates after CLOSE/OPEN_DOWNGRADE (bsc#1176180).\n- RDMA/hns: Fix retry_cnt and rnr_cnt when querying QP (jsc#SLE-8449).\n- RDMA/hns: Fix the wrong value of rnr_retry when querying qp (jsc#SLE-8449).\n- RDMA/hns: Fix wrong field of SRQ number the device supports (jsc#SLE-8449).\n- RDMA/hns: Solve the overflow of the calc_pg_sz() (jsc#SLE-8449).\n- RDMA/mlx5: Fix devlink deadlock on net namespace deletion (jsc#SLE-8464).\n- RDMA/qedr: Fix return code if accept is called on a destroyed qp (jsc#SLE-8215).\n- RDMA/ucma: Add missing locking around rdma_leave_multicast() (git-fixes).\n- Revert \u0027cdc-acm: hardening against malicious devices\u0027 (git-fixes).\n- Revert \u0027kernel/reboot.c: convert simple_strtoul to kstrtoint\u0027 (git-fixes).\n- SUNRPC: Fix general protection fault in trace_rpc_xdr_overflow() (git-fixes).\n- SUNRPC: fix copying of multiple pages in gss_read_proxy_verf() (bsc#1154353).\n- USB: Add NO_LPM quirk for Kingston flash drive (git-fixes).\n- USB: core: Change %pK for __user pointers to %px (git-fixes).\n- USB: core: Fix regression in Hercules audio card (git-fixes).\n- USB: serial: option: add LE910Cx compositions 0x1203, 0x1230, 0x1231 (git-fixes).\n- USB: serial: option: add Quectel EC200T module support (git-fixes).\n- USB: serial: option: add Telit FN980 composition 0x1055 (git-fixes).\n- arm64: Run ARCH_WORKAROUND_1 enabling code on all CPUs (git-fixes).\n- arm64: Run ARCH_WORKAROUND_2 enabling code on all CPUs (git-fixes).\n- arm64: bpf: Fix branch offset in JIT (git-fixes).\n- arm64: dts: allwinner: Pine H64: Enable both RGMII RX/TX delay (git-fixes).\n- arm64: dts: allwinner: a64: OrangePi Win: Fix ethernet node (git-fixes).\n- arm64: dts: allwinner: a64: Pine64 Plus: Fix ethernet node (git-fixes).\n- arm64: dts: allwinner: a64: bananapi-m64: Enable RGMII RX/TX delay on PHY (git-fixes).\n- arm64: dts: allwinner: beelink-gs1: Enable both RGMII RX/TX delay (git-fixes).\n- arm64: dts: allwinner: h5: OrangePi PC2: Fix ethernet node (git-fixes).\n- arm64: dts: allwinner: h5: OrangePi Prime: Fix ethernet node (git-fixes).\n- arm64: dts: fsl: DPAA FMan DMA operations are coherent (git-fixes).\n- arm64: dts: imx8mm: fix voltage for 1.6GHz CPU operating point (git-fixes).\n- arm64: dts: imx8mq: Add missing interrupts to GPC (git-fixes).\n- arm64: dts: imx8mq: Fix TMU interrupt property (git-fixes).\n- arm64: dts: zynqmp: Remove additional compatible string for i2c IPs (git-fixes).\n- arm64: kprobe: add checks for ARMv8.3-PAuth combined instructions (git-fixes).\n- arm64: tegra: Add missing timeout clock to Tegra186 SDMMC nodes (git-fixes).\n- arm64: tegra: Add missing timeout clock to Tegra194 SDMMC nodes (git-fixes).\n- arm64: tegra: Add missing timeout clock to Tegra210 SDMMC (git-fixes).\n- arm64: vdso: Add \u0027-Bsymbolic\u0027 to ldflags (git-fixes).\n- arm64: vdso: Add --eh-frame-hdr to ldflags (git-fixes).\n- batman-adv: set .owner to THIS_MODULE (git-fixes).\n- bnxt_en: Avoid sending firmware messages when AER error is detected (jsc#SLE-8371 bsc#1153274).\n- bnxt_en: Check abort error state in bnxt_open_nic() (jsc#SLE-8371 bsc#1153274).\n- bnxt_en: Fix NULL ptr dereference crash in bnxt_fw_reset_task() (jsc#SLE-8371 bsc#1153274).\n- bnxt_en: Fix regression in workqueue cleanup logic in bnxt_remove_one() (jsc#SLE-8371 bsc#1153274).\n- bnxt_en: Invoke cancel_delayed_work_sync() for PFs also (jsc#SLE-8371 bsc#1153274).\n- bnxt_en: Send HWRM_FUNC_RESET fw command unconditionally (jsc#SLE-8371 bsc#1153274).\n- bnxt_en: return proper error codes in bnxt_show_temp (git-fixes).\n- bpf: Do not rely on GCC __attribute__((optimize)) to disable GCSE (bsc#1155518).\n- bpf: Fix comment for helper bpf_current_task_under_cgroup() (bsc#1155518).\n- bpf: Zero-fill re-used per-cpu map element (bsc#1155518).\n- btrfs: fix bytes_may_use underflow in prealloc error condtition (bsc#1179217).\n- btrfs: fix metadata reservation for fallocate that leads to transaction aborts (bsc#1179217).\n- btrfs: fix relocation failure due to race with fallocate (bsc#1179217).\n- btrfs: remove item_size member of struct btrfs_clone_extent_info (bsc#1179217).\n- btrfs: rename btrfs_insert_clone_extent() to a more generic name (bsc#1179217).\n- btrfs: rename btrfs_punch_hole_range() to a more generic name (bsc#1179217).\n- btrfs: rename struct btrfs_clone_extent_info to a more generic name (bsc#1179217).\n- can: af_can: prevent potential access of uninitialized member in can_rcv() (git-fixes).\n- can: af_can: prevent potential access of uninitialized member in canfd_rcv() (git-fixes).\n- can: dev: can_restart(): post buffer from the right context (git-fixes).\n- can: flexcan: flexcan_setup_stop_mode(): add missing \u0027req_bit\u0027 to stop mode property comment (git-fixes).\n- can: gs_usb: fix endianess problem with candleLight firmware (git-fixes).\n- can: kvaser_usb: kvaser_usb_hydra: Fix KCAN bittiming limits (git-fixes).\n- can: m_can: fix nominal bitiming tseg2 min for version \u003e= 3.1 (git-fixes).\n- can: m_can: m_can_handle_state_change(): fix state change (git-fixes).\n- can: m_can: m_can_stop(): set device to software init mode before closing (git-fixes).\n- can: mcba_usb: mcba_usb_start_xmit(): first fill skb, then pass to can_put_echo_skb() (git-fixes).\n- can: peak_usb: fix potential integer overflow on shift of a int (git-fixes).\n- ceph: add check_session_state() helper and make it global (bsc#1179012).\n- ceph: check session state after bumping session-\u003es_seq (bsc#1179012).\n- ceph: check the sesion state and return false in case it is closed (bsc#1179012).\n- ceph: downgrade warning from mdsmap decode to debug (bsc#1178653).\n- ceph: fix race in concurrent __ceph_remove_cap invocations (bsc#1178635).\n- cfg80211: initialize wdev data earlier (git-fixes).\n- cfg80211: regulatory: Fix inconsistent format argument (git-fixes).\n- cifs: Fix incomplete memory allocation on setxattr path (bsc#1179211).\n- cifs: Return the error from crypt_message when enc/dec key not found (bsc#1179426).\n- cifs: remove bogus debug code (bsc#1179427).\n- clk: define to_clk_regmap() as inline function (git-fixes).\n- cosa: Add missing kfree in error path of cosa_write (git-fixes).\n- dax: Fix stack overflow when mounting fsdax pmem device (bsc#1171073).\n- dax: fix detection of dax support for non-persistent memory block devices (bsc#1171073).\n- devlink: Make sure devlink instance and port are in same net namespace (bsc#1154353).\n- docs: ABI: sysfs-c2port: remove a duplicated entry (git-fixes).\n- drbd: code cleanup by using sendpage_ok() to check page for kernel_sendpage() (bsc#1172873).\n- drivers/net/ethernet: remove incorrectly formatted doc (bsc#1177397).\n- efi/efivars: Set generic ops before loading SSDT (git-fixes).\n- efi/esrt: Fix reference count leak in esre_create_sysfs_entry (git-fixes).\n- efi/libstub/x86: Work around LLVM ELF quirk build regression (git-fixes).\n- efi/x86: Align GUIDs to their size in the mixed mode runtime wrapper (git-fixes).\n- efi/x86: Do not panic or BUG() on non-critical error conditions (git-fixes).\n- efi/x86: Fix the deletion of variables in mixed mode (git-fixes).\n- efi/x86: Free efi_pgd with free_pages() (git-fixes).\n- efi/x86: Handle by-ref arguments covering multiple pages in mixed mode (git-fixes).\n- efi/x86: Ignore the memory attributes table on i386 (git-fixes).\n- efi/x86: Map the entire EFI vendor string before copying it (git-fixes).\n- efi: EFI_EARLYCON should depend on EFI (git-fixes).\n- efi: add missed destroy_workqueue when efisubsys_init fails (git-fixes).\n- efi: efibc: check for efivars write capability (git-fixes).\n- efi: provide empty efi_enter_virtual_mode implementation (git-fixes).\n- efivarfs: fix memory leak in efivarfs_create() (git-fixes).\n- efivarfs: revert \u0027fix memory leak in efivarfs_create()\u0027 (git-fixes).\n- fbdev, newport_con: Move FONT_EXTRA_WORDS macros into linux/font.h (git-fixes).\n- ftrace: Fix recursion check for NMI test (git-fixes).\n- ftrace: Handle tracing when switching between context (git-fixes).\n- futex: Do not enable IRQs unconditionally in put_pi_state() (bsc#1149032).\n- futex: Handle transient \u0027ownerless\u0027 rtmutex state correctly (bsc#1149032).\n- gpio: pcie-idio-24: Enable PEX8311 interrupts (git-fixes).\n- gpio: pcie-idio-24: Fix IRQ Enable Register value (git-fixes).\n- gpio: pcie-idio-24: Fix irq mask when masking (git-fixes).\n- hv: clocksource: Add notrace attribute to read_hv_sched_clock_*() functions (git-fixes).\n- hv_balloon: disable warning when floor reached (git-fixes).\n- hv_netvsc: Add XDP support (bsc#1177820).\n- hv_netvsc: Fix XDP refcnt for synthetic and VF NICs (bsc#1177820).\n- hv_netvsc: make recording RSS hash depend on feature flag (bsc#1177820).\n- hv_netvsc: record hardware hash in skb (bsc#1177820).\n- hwmon: (pwm-fan) Fix RPM calculation (git-fixes).\n- i2c: mediatek: move dma reset before i2c reset (git-fixes).\n- i2c: sh_mobile: implement atomic transfers (git-fixes).\n- igc: Fix not considering the TX delay for timestamps (bsc#1160634).\n- igc: Fix wrong timestamp latency numbers (bsc#1160634).\n- iio: accel: kxcjk1013: Add support for KIOX010A ACPI DSM for setting tablet-mode (git-fixes).\n- iio: accel: kxcjk1013: Replace is_smo8500_device with an acpi_type enum (git-fixes).\n- iio: adc: mediatek: fix unset field (git-fixes).\n- iio: light: fix kconfig dependency bug for VCNL4035 (git-fixes).\n- intel_idle: Customize IceLake server support (bsc#1178286).\n- ionic: check port ptr before use (bsc#1167773).\n- iwlwifi: mvm: write queue_sync_state only for sync (git-fixes).\n- kABI workaround for HD-audio (git-fixes).\n- kABI: revert use_mm name change (MM Functionality, bsc#1178426).\n- kernel-source.spec: Fix build with rpm 4.16 (boo#1179015).\n- kernel-{binary,source}.spec.in: do not create loop symlinks (bsc#1179082)\n- kernel/watchdog: fix watchdog_allowed_mask not used warning (git-fixes).\n- kernel: better document the use_mm/unuse_mm API contract (MM Functionality, bsc#1178426).\n- kgdb: Fix spurious true from in_dbg_master() (git-fixes).\n- kthread_worker: prevent queuing delayed work from timer_fn when it is being canceled (git-fixes).\n- lan743x: fix \u0027BUG: invalid wait context\u0027 when setting rx mode (git-fixes).\n- lan743x: fix issue causing intermittent kernel log warnings (git-fixes).\n- lan743x: prevent entire kernel HANG on open, for some platforms (git-fixes).\n- lib/crc32test: remove extra local_irq_disable/enable (git-fixes).\n- lib/strncpy_from_user.c: Mask out bytes after NUL terminator (bsc#1155518).\n- libbpf, hashmap: Fix undefined behavior in hash_bits (bsc#1155518).\n- libceph: use sendpage_ok() in ceph_tcp_sendpage() (bsc#1172873).\n- libnvdimm/nvdimm/flush: Allow architecture to override the flush barrier (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).\n- mac80211: always wind down STA state (git-fixes).\n- mac80211: fix use of skb payload instead of header (git-fixes).\n- mac80211: free sta in sta_info_insert_finish() on errors (git-fixes).\n- mac80211: minstrel: fix tx status processing corner case (git-fixes).\n- mac80211: minstrel: remove deferred sampling code (git-fixes).\n- mei: protect mei_cl_mtu from null dereference (git-fixes).\n- memcg: fix NULL pointer dereference in __mem_cgroup_usage_unregister_event (bsc#1177703).\n- mfd: sprd: Add wakeup capability for PMIC IRQ (git-fixes).\n- mm, THP, swap: fix allocating cluster for swapfile by mistake (bsc#1178755).\n- mm, memcg: fix inconsistent oom event behavior (bsc#1178659).\n- mm/gup: allow FOLL_FORCE for get_user_pages_fast() (git fixes (mm/gup)).\n- mm/gup: fix gup_fast with dynamic page table folding (bnc#1176586, LTC#188235).\n- mm/ksm: fix NULL pointer dereference when KSM zero page is enabled (git fixes (mm/ksm)).\n- mm/memcg: fix refcount error while moving and swapping (bsc#1178686).\n- mm/memcontrol.c: add missed css_put() (bsc#1178661).\n- mm: fix exec activate_mm vs TLB shootdown and lazy tlb switching race (MM Functionality, bsc#1178426).\n- mm: fix kthread_use_mm() vs TLB invalidate (MM Functionality, bsc#1178426).\n- mm: mempolicy: require at least one nodeid for MPOL_PREFERRED (git fixes (mm/mempolicy)).\n- mm: swap: make page_evictable() inline (git fixes (mm/vmscan)).\n- mm: swap: use smp_mb__after_atomic() to order LRU bit set (git fixes (mm/vmscan)).\n- mmc: renesas_sdhi_core: Add missing tmio_mmc_host_free() at remove (git-fixes).\n- mmc: sdhci-of-esdhc: Handle pulse width detection erratum for more SoCs (git-fixes).\n- mmc: sdhci-pci: Prefer SDR25 timing for High Speed mode for BYT-based Intel controllers (git-fixes).\n- modsign: Add codeSigning EKU when generating X.509 key generation config (bsc#1177353, bsc#1179076).\n- net/mlx5: Clear bw_share upon VF disable (jsc#SLE-8464).\n- net/mlx5: E-Switch, Fail mlx5_esw_modify_vport_rate if qos disabled (jsc#SLE-8464).\n- net: add WARN_ONCE in kernel_sendpage() for improper zero-copy send (bsc#1172873).\n- net: ena: Capitalize all log strings and improve code readability (bsc#1177397).\n- net: ena: Change RSS related macros and variables names (bsc#1177397).\n- net: ena: Change license into format to SPDX in all files (bsc#1177397).\n- net: ena: Change log message to netif/dev function (bsc#1177397).\n- net: ena: Fix all static chekers\u0027 warnings (bsc#1177397).\n- net: ena: Remove redundant print of placement policy (bsc#1177397).\n- net: ena: ethtool: Add new device statistics (bsc#1177397).\n- net: ena: ethtool: add stats printing to XDP queues (bsc#1177397).\n- net: ena: ethtool: convert stat_offset to 64 bit resolution (bsc#1177397).\n- net: ena: fix packet\u0027s addresses for rx_offset feature (bsc#1174852).\n- net: ena: handle bad request id in ena_netdev (bsc#1174852).\n- net: ena: xdp: add queue counters for xdp actions (bsc#1177397).\n- net: fix pos incrementment in ipv6_route_seq_next (bsc#1154353).\n- net: introduce helper sendpage_ok() in include/linux/net.h (bsc#1172873).\n- net: usb: qmi_wwan: add Telit LE910Cx 0x1230 composition (git-fixes).\n- nfc: s3fwrn5: use signed integer for parsing GPIO numbers (git-fixes).\n- nvme-tcp: check page by sendpage_ok() before calling kernel_sendpage() (bsc#1172873).\n- nvme: do not update disk info for multipathed device (bsc#1171558).\n- pinctrl: amd: fix incorrect way to disable debounce filter (git-fixes).\n- pinctrl: amd: use higher precision for 512 RtcClk (git-fixes).\n- pinctrl: aspeed: Fix GPI only function problem (git-fixes).\n- pinctrl: intel: Set default bias in case no particular value given (git-fixes).\n- platform/x86: thinkpad_acpi: Send tablet mode switch at wakeup time (git-fixes).\n- platform/x86: toshiba_acpi: Fix the wrong variable assignment (git-fixes).\n- powerpc/64s/radix: Fix mm_cpumask trimming race vs kthread_use_mm (MM Functionality, bsc#1178426).\n- powerpc/perf: consolidate GPCI hcall structs into asm/hvcall.h (jsc#SLE-16360 jsc#SLE-16915).\n- powerpc/pmem: Add flush routines using new pmem store and sync instruction (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).\n- powerpc/pmem: Add new instructions for persistent storage and sync (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).\n- powerpc/pmem: Avoid the barrier in flush routines (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).\n- powerpc/pmem: Initialize pmem device on newer hardware (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).\n- powerpc/pmem: Restrict papr_scm to P8 and above (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).\n- powerpc/pmem: Update ppc64 to use the new barrier instruction (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).\n- powerpc/pseries: Add KVM guest doorbell restrictions (jsc#SLE-15869 jsc#SLE-16321).\n- powerpc/pseries: Use doorbells even if XIVE is available (jsc#SLE-15869 jsc#SLE-16321).\n- powerpc/pseries: new lparcfg key/value pair: partition_affinity_score (jsc#SLE-16360 jsc#SLE-16915).\n- powerpc/vnic: Extend \u0027failover pending\u0027 window (bsc#1176855 ltc#187293).\n- powerpc: Inline doorbell sending functions (jsc#SLE-15869 jsc#SLE-16321).\n- powerpc: select ARCH_WANT_IRQS_OFF_ACTIVATE_MM (MM Functionality, bsc#1178426).\n- qla2xxx: Add MODULE_VERSION back to driver (bsc#1179160).\n- reboot: fix overflow parsing reboot cpu number (git-fixes).\n- regulator: avoid resolve_supply() infinite recursion (git-fixes).\n- regulator: fix memory leak with repeated set_machine_constraints() (git-fixes).\n- regulator: pfuze100: limit pfuze-support-disable-sw to pfuze{100,200} (git-fixes).\n- regulator: ti-abb: Fix array out of bound read access on the first transition (git-fixes).\n- regulator: workaround self-referent regulators (git-fixes).\n- rfkill: Fix use-after-free in rfkill_resume() (git-fixes).\n- ring-buffer: Fix recursion protection transitions between interrupt context (git-fixes).\n- rpm/kernel-binary.spec.in: avoid using barewords (bsc#1179014)\n- rpm/kernel-binary.spec.in: avoid using more barewords (bsc#1179014)\n- rpm/kernel-binary.spec.in: use grep -E instead of egrep (bsc#1179045)\n- rpm/kernel-obs-build.spec.in: Add -q option to modprobe calls (bsc#1178401)\n- rpm/kernel-{source,binary}.spec: do not include ghost symlinks (boo#1179082).\n- rpm/mkspec: do not build kernel-obs-build on x86_32 We want to use 64bit kernel due to various bugs (bsc#1178762 to name one).\n- s390/bpf: Fix multiple tail calls (git-fixes).\n- s390/cpum_cf,perf: change DFLT_CCERROR counter name (bsc#1175918 LTC#187935).\n- s390/cpum_sf.c: fix file permission for cpum_sfb_size (git-fixes).\n- s390/dasd: fix null pointer dereference for ERP requests (git-fixes).\n- s390/pkey: fix paes selftest failure with paes and pkey static build (git-fixes).\n- s390/zcrypt: Fix ZCRYPT_PERDEV_REQCNT ioctl (bsc#1177070 LTC#188342).\n- s390/zcrypt: fix kmalloc 256k failure (bsc#1177066 LTC#188341).\n- sched/fair: Ensure tasks spreading in LLC during LB (git fixes (sched)).\n- sched/fair: Fix unthrottle_cfs_rq() for leaf_cfs_rq list (git fixes (sched)).\n- sched: Fix loadavg accounting race on arm64 kabi (bnc#1178227).\n- sched: Fix rq-\u003enr_iowait ordering (git fixes (sched)).\n- scripts/lib/SUSE/MyBS.pm: properly close prjconf Macros: section\n- scsi: libiscsi: Fix NOP race condition (bsc#1176481).\n- scsi: libiscsi: use sendpage_ok() in iscsi_tcp_segment_map() (bsc#1172873).\n- spi: lpspi: Fix use-after-free on unbind (git-fixes).\n- staging: rtl8723bs: Add 024c:0627 to the list of SDIO device-ids (git-fixes).\n- svcrdma: fix bounce buffers for unaligned offsets and multiple pages (git-fixes).\n- tcp: use sendpage_ok() to detect misused .sendpage (bsc#1172873).\n- thunderbolt: Add the missed ida_simple_remove() in ring_request_msix() (git-fixes).\n- thunderbolt: Fix memory leak if ida_simple_get() fails in enumerate_services() (git-fixes).\n- timer: Fix wheel index calculation on last level (git-fixes).\n- timer: Prevent base-\u003eclk from moving backward (git-fixes).\n- tpm: efi: Do not create binary_bios_measurements file for an empty log (git-fixes).\n- tpm_tis: Disable interrupts on ThinkPad T490s (git-fixes).\n- tracing: Fix out of bounds write in get_trace_buf (git-fixes).\n- tty: serial: fsl_lpuart: LS1021A had a FIFO size of 16 words, like LS1028A (git-fixes).\n- tty: serial: fsl_lpuart: add LS1028A support (git-fixes).\n- tty: serial: imx: fix potential deadlock (git-fixes).\n- tty: serial: imx: keep console clocks always on (git-fixes).\n- uio: Fix use-after-free in uio_unregister_device() (git-fixes).\n- usb: cdc-acm: Add DISABLE_ECHO for Renesas USB Download mode (git-fixes).\n- usb: core: driver: fix stray tabs in error messages (git-fixes).\n- usb: gadget: Fix memleak in gadgetfs_fill_super (git-fixes).\n- usb: gadget: f_midi: Fix memleak in f_midi_alloc (git-fixes).\n- usb: gadget: goku_udc: fix potential crashes in probe (git-fixes).\n- usb: host: fsl-mph-dr-of: check return of dma_set_mask() (git-fixes).\n- usb: typec: tcpm: reset hard_reset_count for any disconnect (git-fixes).\n- video: hyperv_fb: Fix the cache type when mapping the VRAM (git-fixes).\n- video: hyperv_fb: include vmalloc.h (git-fixes).\n- virtio: virtio_console: fix DMA memory allocation for rproc serial (git-fixes).\n- vt: Disable KD_FONT_OP_COPY (bsc#1178589).\n- x86/hyperv: Clarify comment on x2apic mode (git-fixes).\n- x86/i8259: Use printk_deferred() to prevent deadlock (git-fixes).\n- x86/microcode/intel: Check patch signature before saving microcode for early loading (bsc#1152489).\n- x86/speculation: Allow IBPB to be conditionally enabled on CPUs with always-on STIBP (bsc#1152489).\n- xfs: fix a missing unlock on error in xfs_fs_map_blocks (git-fixes).\n- xfs: fix brainos in the refcount scrubber\u0027s rmap fragment processor (git-fixes).\n- xfs: fix flags argument to rmap lookup when converting shared file rmaps (git-fixes).\n- xfs: fix rmap key and record comparison functions (git-fixes).\n- xfs: revert \u0027xfs: fix rmap key and record comparison functions\u0027 (git-fixes).\n- xfs: set the unwritten bit in rmap lookup flags in xchk_bmap_get_rmapextents (git-fixes).\n- xhci: Fix sizeof() mismatch (git-fixes).\n- xhci: hisilicon: fix refercence leak in xhci_histb_probe (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2020-2161",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2020_2161-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2020:2161-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ICEKZTGIQ6MSKDFOTIOJ2RLWAWJFPSYA/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2020:2161-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ICEKZTGIQ6MSKDFOTIOJ2RLWAWJFPSYA/"
},
{
"category": "self",
"summary": "SUSE Bug 1149032",
"url": "https://bugzilla.suse.com/1149032"
},
{
"category": "self",
"summary": "SUSE Bug 1152489",
"url": "https://bugzilla.suse.com/1152489"
},
{
"category": "self",
"summary": "SUSE Bug 1153274",
"url": "https://bugzilla.suse.com/1153274"
},
{
"category": "self",
"summary": "SUSE Bug 1154353",
"url": "https://bugzilla.suse.com/1154353"
},
{
"category": "self",
"summary": "SUSE Bug 1155518",
"url": "https://bugzilla.suse.com/1155518"
},
{
"category": "self",
"summary": "SUSE Bug 1160634",
"url": "https://bugzilla.suse.com/1160634"
},
{
"category": "self",
"summary": "SUSE Bug 1167773",
"url": "https://bugzilla.suse.com/1167773"
},
{
"category": "self",
"summary": "SUSE Bug 1170139",
"url": "https://bugzilla.suse.com/1170139"
},
{
"category": "self",
"summary": "SUSE Bug 1171073",
"url": "https://bugzilla.suse.com/1171073"
},
{
"category": "self",
"summary": "SUSE Bug 1171558",
"url": "https://bugzilla.suse.com/1171558"
},
{
"category": "self",
"summary": "SUSE Bug 1172873",
"url": "https://bugzilla.suse.com/1172873"
},
{
"category": "self",
"summary": "SUSE Bug 1173504",
"url": "https://bugzilla.suse.com/1173504"
},
{
"category": "self",
"summary": "SUSE Bug 1174852",
"url": "https://bugzilla.suse.com/1174852"
},
{
"category": "self",
"summary": "SUSE Bug 1175721",
"url": "https://bugzilla.suse.com/1175721"
},
{
"category": "self",
"summary": "SUSE Bug 1175918",
"url": "https://bugzilla.suse.com/1175918"
},
{
"category": "self",
"summary": "SUSE Bug 1176109",
"url": "https://bugzilla.suse.com/1176109"
},
{
"category": "self",
"summary": "SUSE Bug 1176180",
"url": "https://bugzilla.suse.com/1176180"
},
{
"category": "self",
"summary": "SUSE Bug 1176200",
"url": "https://bugzilla.suse.com/1176200"
},
{
"category": "self",
"summary": "SUSE Bug 1176481",
"url": "https://bugzilla.suse.com/1176481"
},
{
"category": "self",
"summary": "SUSE Bug 1176586",
"url": "https://bugzilla.suse.com/1176586"
},
{
"category": "self",
"summary": "SUSE Bug 1176855",
"url": "https://bugzilla.suse.com/1176855"
},
{
"category": "self",
"summary": "SUSE Bug 1176983",
"url": "https://bugzilla.suse.com/1176983"
},
{
"category": "self",
"summary": "SUSE Bug 1177066",
"url": "https://bugzilla.suse.com/1177066"
},
{
"category": "self",
"summary": "SUSE Bug 1177070",
"url": "https://bugzilla.suse.com/1177070"
},
{
"category": "self",
"summary": "SUSE Bug 1177353",
"url": "https://bugzilla.suse.com/1177353"
},
{
"category": "self",
"summary": "SUSE Bug 1177397",
"url": "https://bugzilla.suse.com/1177397"
},
{
"category": "self",
"summary": "SUSE Bug 1177666",
"url": "https://bugzilla.suse.com/1177666"
},
{
"category": "self",
"summary": "SUSE Bug 1177703",
"url": "https://bugzilla.suse.com/1177703"
},
{
"category": "self",
"summary": "SUSE Bug 1177820",
"url": "https://bugzilla.suse.com/1177820"
},
{
"category": "self",
"summary": "SUSE Bug 1178182",
"url": "https://bugzilla.suse.com/1178182"
},
{
"category": "self",
"summary": "SUSE Bug 1178227",
"url": "https://bugzilla.suse.com/1178227"
},
{
"category": "self",
"summary": "SUSE Bug 1178286",
"url": "https://bugzilla.suse.com/1178286"
},
{
"category": "self",
"summary": "SUSE Bug 1178304",
"url": "https://bugzilla.suse.com/1178304"
},
{
"category": "self",
"summary": "SUSE Bug 1178401",
"url": "https://bugzilla.suse.com/1178401"
},
{
"category": "self",
"summary": "SUSE Bug 1178426",
"url": "https://bugzilla.suse.com/1178426"
},
{
"category": "self",
"summary": "SUSE Bug 1178589",
"url": "https://bugzilla.suse.com/1178589"
},
{
"category": "self",
"summary": "SUSE Bug 1178635",
"url": "https://bugzilla.suse.com/1178635"
},
{
"category": "self",
"summary": "SUSE Bug 1178653",
"url": "https://bugzilla.suse.com/1178653"
},
{
"category": "self",
"summary": "SUSE Bug 1178659",
"url": "https://bugzilla.suse.com/1178659"
},
{
"category": "self",
"summary": "SUSE Bug 1178661",
"url": "https://bugzilla.suse.com/1178661"
},
{
"category": "self",
"summary": "SUSE Bug 1178669",
"url": "https://bugzilla.suse.com/1178669"
},
{
"category": "self",
"summary": "SUSE Bug 1178686",
"url": "https://bugzilla.suse.com/1178686"
},
{
"category": "self",
"summary": "SUSE Bug 1178740",
"url": "https://bugzilla.suse.com/1178740"
},
{
"category": "self",
"summary": "SUSE Bug 1178755",
"url": "https://bugzilla.suse.com/1178755"
},
{
"category": "self",
"summary": "SUSE Bug 1178762",
"url": "https://bugzilla.suse.com/1178762"
},
{
"category": "self",
"summary": "SUSE Bug 1178782",
"url": "https://bugzilla.suse.com/1178782"
},
{
"category": "self",
"summary": "SUSE Bug 1178838",
"url": "https://bugzilla.suse.com/1178838"
},
{
"category": "self",
"summary": "SUSE Bug 1178853",
"url": "https://bugzilla.suse.com/1178853"
},
{
"category": "self",
"summary": "SUSE Bug 1178886",
"url": "https://bugzilla.suse.com/1178886"
},
{
"category": "self",
"summary": "SUSE Bug 1179001",
"url": "https://bugzilla.suse.com/1179001"
},
{
"category": "self",
"summary": "SUSE Bug 1179012",
"url": "https://bugzilla.suse.com/1179012"
},
{
"category": "self",
"summary": "SUSE Bug 1179014",
"url": "https://bugzilla.suse.com/1179014"
},
{
"category": "self",
"summary": "SUSE Bug 1179015",
"url": "https://bugzilla.suse.com/1179015"
},
{
"category": "self",
"summary": "SUSE Bug 1179045",
"url": "https://bugzilla.suse.com/1179045"
},
{
"category": "self",
"summary": "SUSE Bug 1179076",
"url": "https://bugzilla.suse.com/1179076"
},
{
"category": "self",
"summary": "SUSE Bug 1179082",
"url": "https://bugzilla.suse.com/1179082"
},
{
"category": "self",
"summary": "SUSE Bug 1179107",
"url": "https://bugzilla.suse.com/1179107"
},
{
"category": "self",
"summary": "SUSE Bug 1179140",
"url": "https://bugzilla.suse.com/1179140"
},
{
"category": "self",
"summary": "SUSE Bug 1179141",
"url": "https://bugzilla.suse.com/1179141"
},
{
"category": "self",
"summary": "SUSE Bug 1179160",
"url": "https://bugzilla.suse.com/1179160"
},
{
"category": "self",
"summary": "SUSE Bug 1179201",
"url": "https://bugzilla.suse.com/1179201"
},
{
"category": "self",
"summary": "SUSE Bug 1179211",
"url": "https://bugzilla.suse.com/1179211"
},
{
"category": "self",
"summary": "SUSE Bug 1179217",
"url": "https://bugzilla.suse.com/1179217"
},
{
"category": "self",
"summary": "SUSE Bug 1179424",
"url": "https://bugzilla.suse.com/1179424"
},
{
"category": "self",
"summary": "SUSE Bug 1179426",
"url": "https://bugzilla.suse.com/1179426"
},
{
"category": "self",
"summary": "SUSE Bug 1179427",
"url": "https://bugzilla.suse.com/1179427"
},
{
"category": "self",
"summary": "SUSE Bug 1179429",
"url": "https://bugzilla.suse.com/1179429"
},
{
"category": "self",
"summary": "SUSE Bug 1179432",
"url": "https://bugzilla.suse.com/1179432"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15436 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15436/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15437 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15437/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25669 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25669/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25705 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25705/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-27777 page",
"url": "https://www.suse.com/security/cve/CVE-2020-27777/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-28915 page",
"url": "https://www.suse.com/security/cve/CVE-2020-28915/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-28941 page",
"url": "https://www.suse.com/security/cve/CVE-2020-28941/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-28974 page",
"url": "https://www.suse.com/security/cve/CVE-2020-28974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-29369 page",
"url": "https://www.suse.com/security/cve/CVE-2020-29369/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-29371 page",
"url": "https://www.suse.com/security/cve/CVE-2020-29371/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-4788 page",
"url": "https://www.suse.com/security/cve/CVE-2020-4788/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2020-12-04T22:35:01Z",
"generator": {
"date": "2020-12-04T22:35:01Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2020:2161-1",
"initial_release_date": "2020-12-04T22:35:01Z",
"revision_history": [
{
"date": "2020-12-04T22:35:01Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-5.3.18-lp152.54.1.noarch",
"product": {
"name": "kernel-devel-5.3.18-lp152.54.1.noarch",
"product_id": "kernel-devel-5.3.18-lp152.54.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-5.3.18-lp152.54.2.noarch",
"product": {
"name": "kernel-docs-5.3.18-lp152.54.2.noarch",
"product_id": "kernel-docs-5.3.18-lp152.54.2.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-html-5.3.18-lp152.54.2.noarch",
"product": {
"name": "kernel-docs-html-5.3.18-lp152.54.2.noarch",
"product_id": "kernel-docs-html-5.3.18-lp152.54.2.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-5.3.18-lp152.54.1.noarch",
"product": {
"name": "kernel-macros-5.3.18-lp152.54.1.noarch",
"product_id": "kernel-macros-5.3.18-lp152.54.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-5.3.18-lp152.54.1.noarch",
"product": {
"name": "kernel-source-5.3.18-lp152.54.1.noarch",
"product_id": "kernel-source-5.3.18-lp152.54.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-5.3.18-lp152.54.1.noarch",
"product": {
"name": "kernel-source-vanilla-5.3.18-lp152.54.1.noarch",
"product_id": "kernel-source-vanilla-5.3.18-lp152.54.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-debug-5.3.18-lp152.54.1.x86_64",
"product": {
"name": "kernel-debug-5.3.18-lp152.54.1.x86_64",
"product_id": "kernel-debug-5.3.18-lp152.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-5.3.18-lp152.54.1.x86_64",
"product": {
"name": "kernel-debug-devel-5.3.18-lp152.54.1.x86_64",
"product_id": "kernel-debug-devel-5.3.18-lp152.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-5.3.18-lp152.54.1.x86_64",
"product": {
"name": "kernel-default-5.3.18-lp152.54.1.x86_64",
"product_id": "kernel-default-5.3.18-lp152.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"product": {
"name": "kernel-default-base-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"product_id": "kernel-default-base-5.3.18-lp152.54.1.lp152.8.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-rebuild-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"product": {
"name": "kernel-default-base-rebuild-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"product_id": "kernel-default-base-rebuild-5.3.18-lp152.54.1.lp152.8.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-5.3.18-lp152.54.1.x86_64",
"product": {
"name": "kernel-default-devel-5.3.18-lp152.54.1.x86_64",
"product_id": "kernel-default-devel-5.3.18-lp152.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-5.3.18-lp152.54.1.x86_64",
"product": {
"name": "kernel-kvmsmall-5.3.18-lp152.54.1.x86_64",
"product_id": "kernel-kvmsmall-5.3.18-lp152.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-5.3.18-lp152.54.1.x86_64",
"product": {
"name": "kernel-kvmsmall-devel-5.3.18-lp152.54.1.x86_64",
"product_id": "kernel-kvmsmall-devel-5.3.18-lp152.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-5.3.18-lp152.54.1.x86_64",
"product": {
"name": "kernel-obs-build-5.3.18-lp152.54.1.x86_64",
"product_id": "kernel-obs-build-5.3.18-lp152.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-5.3.18-lp152.54.1.x86_64",
"product": {
"name": "kernel-obs-qa-5.3.18-lp152.54.1.x86_64",
"product_id": "kernel-obs-qa-5.3.18-lp152.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-preempt-5.3.18-lp152.54.1.x86_64",
"product": {
"name": "kernel-preempt-5.3.18-lp152.54.1.x86_64",
"product_id": "kernel-preempt-5.3.18-lp152.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-preempt-devel-5.3.18-lp152.54.1.x86_64",
"product": {
"name": "kernel-preempt-devel-5.3.18-lp152.54.1.x86_64",
"product_id": "kernel-preempt-devel-5.3.18-lp152.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-5.3.18-lp152.54.1.x86_64",
"product": {
"name": "kernel-syms-5.3.18-lp152.54.1.x86_64",
"product_id": "kernel-syms-5.3.18-lp152.54.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.2",
"product": {
"name": "openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-5.3.18-lp152.54.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.54.1.x86_64"
},
"product_reference": "kernel-debug-5.3.18-lp152.54.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-5.3.18-lp152.54.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.54.1.x86_64"
},
"product_reference": "kernel-debug-devel-5.3.18-lp152.54.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-5.3.18-lp152.54.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-default-5.3.18-lp152.54.1.x86_64"
},
"product_reference": "kernel-default-5.3.18-lp152.54.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-5.3.18-lp152.54.1.lp152.8.12.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.54.1.lp152.8.12.1.x86_64"
},
"product_reference": "kernel-default-base-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-rebuild-5.3.18-lp152.54.1.lp152.8.12.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.54.1.lp152.8.12.1.x86_64"
},
"product_reference": "kernel-default-base-rebuild-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-5.3.18-lp152.54.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.54.1.x86_64"
},
"product_reference": "kernel-default-devel-5.3.18-lp152.54.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-5.3.18-lp152.54.1.noarch as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.54.1.noarch"
},
"product_reference": "kernel-devel-5.3.18-lp152.54.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-5.3.18-lp152.54.2.noarch as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.54.2.noarch"
},
"product_reference": "kernel-docs-5.3.18-lp152.54.2.noarch",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-html-5.3.18-lp152.54.2.noarch as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.54.2.noarch"
},
"product_reference": "kernel-docs-html-5.3.18-lp152.54.2.noarch",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-5.3.18-lp152.54.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.54.1.x86_64"
},
"product_reference": "kernel-kvmsmall-5.3.18-lp152.54.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-devel-5.3.18-lp152.54.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.54.1.x86_64"
},
"product_reference": "kernel-kvmsmall-devel-5.3.18-lp152.54.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-5.3.18-lp152.54.1.noarch as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.54.1.noarch"
},
"product_reference": "kernel-macros-5.3.18-lp152.54.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-5.3.18-lp152.54.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.54.1.x86_64"
},
"product_reference": "kernel-obs-build-5.3.18-lp152.54.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-qa-5.3.18-lp152.54.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.54.1.x86_64"
},
"product_reference": "kernel-obs-qa-5.3.18-lp152.54.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-preempt-5.3.18-lp152.54.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.54.1.x86_64"
},
"product_reference": "kernel-preempt-5.3.18-lp152.54.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-preempt-devel-5.3.18-lp152.54.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.54.1.x86_64"
},
"product_reference": "kernel-preempt-devel-5.3.18-lp152.54.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-5.3.18-lp152.54.1.noarch as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-source-5.3.18-lp152.54.1.noarch"
},
"product_reference": "kernel-source-5.3.18-lp152.54.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-vanilla-5.3.18-lp152.54.1.noarch as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.54.1.noarch"
},
"product_reference": "kernel-source-vanilla-5.3.18-lp152.54.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-5.3.18-lp152.54.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.54.1.x86_64"
},
"product_reference": "kernel-syms-5.3.18-lp152.54.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-15436",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15436"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.54.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15436",
"url": "https://www.suse.com/security/cve/CVE-2020-15436"
},
{
"category": "external",
"summary": "SUSE Bug 1179141 for CVE-2020-15436",
"url": "https://bugzilla.suse.com/1179141"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.54.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.54.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-12-04T22:35:01Z",
"details": "moderate"
}
],
"title": "CVE-2020-15436"
},
{
"cve": "CVE-2020-15437",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15437"
}
],
"notes": [
{
"category": "general",
"text": "The Linux kernel before version 5.8 is vulnerable to a NULL pointer dereference in drivers/tty/serial/8250/8250_core.c:serial8250_isa_init_ports() that allows local users to cause a denial of service by using the p-\u003eserial_in pointer which uninitialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.54.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15437",
"url": "https://www.suse.com/security/cve/CVE-2020-15437"
},
{
"category": "external",
"summary": "SUSE Bug 1179140 for CVE-2020-15437",
"url": "https://bugzilla.suse.com/1179140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.54.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.54.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-12-04T22:35:01Z",
"details": "moderate"
}
],
"title": "CVE-2020-15437"
},
{
"cve": "CVE-2020-25669",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25669"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in the Linux Kernel where the function sunkbd_reinit having been scheduled by sunkbd_interrupt before sunkbd being freed. Though the dangling pointer is set to NULL in sunkbd_disconnect, there is still an alias in sunkbd_reinit causing Use After Free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.54.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25669",
"url": "https://www.suse.com/security/cve/CVE-2020-25669"
},
{
"category": "external",
"summary": "SUSE Bug 1178182 for CVE-2020-25669",
"url": "https://bugzilla.suse.com/1178182"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.54.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.54.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-12-04T22:35:01Z",
"details": "moderate"
}
],
"title": "CVE-2020-25669"
},
{
"cve": "CVE-2020-25705",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25705"
}
],
"notes": [
{
"category": "general",
"text": "A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well on the Linux Based Products (RUGGEDCOM RM1224: All versions between v5.0 and v6.4, SCALANCE M-800: All versions between v5.0 and v6.4, SCALANCE S615: All versions between v5.0 and v6.4, SCALANCE SC-600: All versions prior to v2.1.3, SCALANCE W1750D: v8.3.0.1, v8.6.0, and v8.7.0, SIMATIC Cloud Connect 7: All versions, SIMATIC MV500 Family: All versions, SIMATIC NET CP 1243-1 (incl. SIPLUS variants): Versions 3.1.39 and later, SIMATIC NET CP 1243-7 LTE EU: Version",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.54.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25705",
"url": "https://www.suse.com/security/cve/CVE-2020-25705"
},
{
"category": "external",
"summary": "SUSE Bug 1175721 for CVE-2020-25705",
"url": "https://bugzilla.suse.com/1175721"
},
{
"category": "external",
"summary": "SUSE Bug 1178782 for CVE-2020-25705",
"url": "https://bugzilla.suse.com/1178782"
},
{
"category": "external",
"summary": "SUSE Bug 1178783 for CVE-2020-25705",
"url": "https://bugzilla.suse.com/1178783"
},
{
"category": "external",
"summary": "SUSE Bug 1191790 for CVE-2020-25705",
"url": "https://bugzilla.suse.com/1191790"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.54.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.54.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-12-04T22:35:01Z",
"details": "important"
}
],
"title": "CVE-2020-25705"
},
{
"cve": "CVE-2020-27777",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-27777"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down (usually due to Secure Boot) guest system running on top of PowerVM or KVM hypervisors (pseries platform) a root like local user could use this flaw to further increase their privileges to that of a running kernel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.54.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-27777",
"url": "https://www.suse.com/security/cve/CVE-2020-27777"
},
{
"category": "external",
"summary": "SUSE Bug 1179107 for CVE-2020-27777",
"url": "https://bugzilla.suse.com/1179107"
},
{
"category": "external",
"summary": "SUSE Bug 1179419 for CVE-2020-27777",
"url": "https://bugzilla.suse.com/1179419"
},
{
"category": "external",
"summary": "SUSE Bug 1200343 for CVE-2020-27777",
"url": "https://bugzilla.suse.com/1200343"
},
{
"category": "external",
"summary": "SUSE Bug 1220060 for CVE-2020-27777",
"url": "https://bugzilla.suse.com/1220060"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.54.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.54.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-12-04T22:35:01Z",
"details": "moderate"
}
],
"title": "CVE-2020-27777"
},
{
"cve": "CVE-2020-28915",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-28915"
}
],
"notes": [
{
"category": "general",
"text": "A buffer over-read (at the framebuffer layer) in the fbcon code in the Linux kernel before 5.8.15 could be used by local attackers to read kernel memory, aka CID-6735b4632def.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.54.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-28915",
"url": "https://www.suse.com/security/cve/CVE-2020-28915"
},
{
"category": "external",
"summary": "SUSE Bug 1178886 for CVE-2020-28915",
"url": "https://bugzilla.suse.com/1178886"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.54.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.54.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-12-04T22:35:01Z",
"details": "moderate"
}
],
"title": "CVE-2020-28915"
},
{
"cve": "CVE-2020-28941",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-28941"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in drivers/accessibility/speakup/spk_ttyio.c in the Linux kernel through 5.9.9. Local attackers on systems with the speakup driver could cause a local denial of service attack, aka CID-d41227544427. This occurs because of an invalid free when the line discipline is used more than once.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.54.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-28941",
"url": "https://www.suse.com/security/cve/CVE-2020-28941"
},
{
"category": "external",
"summary": "SUSE Bug 1178740 for CVE-2020-28941",
"url": "https://bugzilla.suse.com/1178740"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.54.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.54.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-12-04T22:35:01Z",
"details": "moderate"
}
],
"title": "CVE-2020-28941"
},
{
"cve": "CVE-2020-28974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-28974"
}
],
"notes": [
{
"category": "general",
"text": "A slab-out-of-bounds read in fbcon in the Linux kernel before 5.9.7 could be used by local attackers to read privileged information or potentially crash the kernel, aka CID-3c4e0dff2095. This occurs because KD_FONT_OP_COPY in drivers/tty/vt/vt.c can be used for manipulations such as font height.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.54.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-28974",
"url": "https://www.suse.com/security/cve/CVE-2020-28974"
},
{
"category": "external",
"summary": "SUSE Bug 1178589 for CVE-2020-28974",
"url": "https://bugzilla.suse.com/1178589"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.54.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.54.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-12-04T22:35:01Z",
"details": "moderate"
}
],
"title": "CVE-2020-28974"
},
{
"cve": "CVE-2020-29369",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-29369"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in mm/mmap.c in the Linux kernel before 5.7.11. There is a race condition between certain expand functions (expand_downwards and expand_upwards) and page-table free operations from an munmap call, aka CID-246c320a8cfe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.54.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-29369",
"url": "https://www.suse.com/security/cve/CVE-2020-29369"
},
{
"category": "external",
"summary": "SUSE Bug 1173504 for CVE-2020-29369",
"url": "https://bugzilla.suse.com/1173504"
},
{
"category": "external",
"summary": "SUSE Bug 1179432 for CVE-2020-29369",
"url": "https://bugzilla.suse.com/1179432"
},
{
"category": "external",
"summary": "SUSE Bug 1179646 for CVE-2020-29369",
"url": "https://bugzilla.suse.com/1179646"
},
{
"category": "external",
"summary": "SUSE Bug 1182109 for CVE-2020-29369",
"url": "https://bugzilla.suse.com/1182109"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.54.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.54.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-12-04T22:35:01Z",
"details": "important"
}
],
"title": "CVE-2020-29369"
},
{
"cve": "CVE-2020-29371",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-29371"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in romfs_dev_read in fs/romfs/storage.c in the Linux kernel before 5.8.4. Uninitialized memory leaks to userspace, aka CID-bcf85fcedfdd.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.54.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-29371",
"url": "https://www.suse.com/security/cve/CVE-2020-29371"
},
{
"category": "external",
"summary": "SUSE Bug 1179429 for CVE-2020-29371",
"url": "https://bugzilla.suse.com/1179429"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.54.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.54.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-12-04T22:35:01Z",
"details": "moderate"
}
],
"title": "CVE-2020-29371"
},
{
"cve": "CVE-2020-4788",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-4788"
}
],
"notes": [
{
"category": "general",
"text": "IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.54.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-4788",
"url": "https://www.suse.com/security/cve/CVE-2020-4788"
},
{
"category": "external",
"summary": "SUSE Bug 1177666 for CVE-2020-4788",
"url": "https://bugzilla.suse.com/1177666"
},
{
"category": "external",
"summary": "SUSE Bug 1181158 for CVE-2020-4788",
"url": "https://bugzilla.suse.com/1181158"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.54.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.54.1.lp152.8.12.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.54.2.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.54.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.54.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.54.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-12-04T22:35:01Z",
"details": "moderate"
}
],
"title": "CVE-2020-4788"
}
]
}
OPENSUSE-SU-2021:0242-1
Vulnerability from csaf_opensuse - Published: 2021-02-05 15:16 - Updated: 2021-02-05 15:16Summary
Security update for RT kernel
Severity
Moderate
Notes
Title of the patch: Security update for RT kernel
Description of the patch:
This update syncs the RT kernel from the SUSE Linux Enterprise 15-SP2 codestream.
This update was imported from the SUSE:SLE-15-SP2:Update update project.
Patchnames: openSUSE-2021-242
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
5.5 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.4 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.4 (High)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.7 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.4 (High)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.4 (High)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
6.1 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.4 (High)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.6 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
5.5 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.1 (High)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.4 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.4 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.4 (High)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.4 (High)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.4 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.4 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.4 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.3 (High)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.2 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.4 (High)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.7 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.7 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.5 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.3 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.4 (High)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.5 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.4 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.2 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.1 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.1 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.7 (High)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.4 (High)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.4 (High)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.1 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.1 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
1060 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for RT kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update syncs the RT kernel from the SUSE Linux Enterprise 15-SP2 codestream.\n \nThis update was imported from the SUSE:SLE-15-SP2:Update update project.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2021-242",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2021_0242-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2021:0242-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/XOAUJM2XDOB5Y2JL726SBZNXGQBPQC75/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2021:0242-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/XOAUJM2XDOB5Y2JL726SBZNXGQBPQC75/"
},
{
"category": "self",
"summary": "SUSE Bug 1034995",
"url": "https://bugzilla.suse.com/1034995"
},
{
"category": "self",
"summary": "SUSE Bug 1040855",
"url": "https://bugzilla.suse.com/1040855"
},
{
"category": "self",
"summary": "SUSE Bug 1043347",
"url": "https://bugzilla.suse.com/1043347"
},
{
"category": "self",
"summary": "SUSE Bug 1044120",
"url": "https://bugzilla.suse.com/1044120"
},
{
"category": "self",
"summary": "SUSE Bug 1044767",
"url": "https://bugzilla.suse.com/1044767"
},
{
"category": "self",
"summary": "SUSE Bug 1055014",
"url": "https://bugzilla.suse.com/1055014"
},
{
"category": "self",
"summary": "SUSE Bug 1055117",
"url": "https://bugzilla.suse.com/1055117"
},
{
"category": "self",
"summary": "SUSE Bug 1055186",
"url": "https://bugzilla.suse.com/1055186"
},
{
"category": "self",
"summary": "SUSE Bug 1058115",
"url": "https://bugzilla.suse.com/1058115"
},
{
"category": "self",
"summary": "SUSE Bug 1061843",
"url": "https://bugzilla.suse.com/1061843"
},
{
"category": "self",
"summary": "SUSE Bug 1065600",
"url": "https://bugzilla.suse.com/1065600"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1066382",
"url": "https://bugzilla.suse.com/1066382"
},
{
"category": "self",
"summary": "SUSE Bug 1071995",
"url": "https://bugzilla.suse.com/1071995"
},
{
"category": "self",
"summary": "SUSE Bug 1077428",
"url": "https://bugzilla.suse.com/1077428"
},
{
"category": "self",
"summary": "SUSE Bug 1085030",
"url": "https://bugzilla.suse.com/1085030"
},
{
"category": "self",
"summary": "SUSE Bug 1094244",
"url": "https://bugzilla.suse.com/1094244"
},
{
"category": "self",
"summary": "SUSE Bug 1094840",
"url": "https://bugzilla.suse.com/1094840"
},
{
"category": "self",
"summary": "SUSE Bug 1109695",
"url": "https://bugzilla.suse.com/1109695"
},
{
"category": "self",
"summary": "SUSE Bug 1115431",
"url": "https://bugzilla.suse.com/1115431"
},
{
"category": "self",
"summary": "SUSE Bug 1120163",
"url": "https://bugzilla.suse.com/1120163"
},
{
"category": "self",
"summary": "SUSE Bug 1129923",
"url": "https://bugzilla.suse.com/1129923"
},
{
"category": "self",
"summary": "SUSE Bug 1133021",
"url": "https://bugzilla.suse.com/1133021"
},
{
"category": "self",
"summary": "SUSE Bug 1134760",
"url": "https://bugzilla.suse.com/1134760"
},
{
"category": "self",
"summary": "SUSE Bug 1136666",
"url": "https://bugzilla.suse.com/1136666"
},
{
"category": "self",
"summary": "SUSE Bug 1138374",
"url": "https://bugzilla.suse.com/1138374"
},
{
"category": "self",
"summary": "SUSE Bug 1139944",
"url": "https://bugzilla.suse.com/1139944"
},
{
"category": "self",
"summary": "SUSE Bug 1148868",
"url": "https://bugzilla.suse.com/1148868"
},
{
"category": "self",
"summary": "SUSE Bug 1149032",
"url": "https://bugzilla.suse.com/1149032"
},
{
"category": "self",
"summary": "SUSE Bug 1152148",
"url": "https://bugzilla.suse.com/1152148"
},
{
"category": "self",
"summary": "SUSE Bug 1152457",
"url": "https://bugzilla.suse.com/1152457"
},
{
"category": "self",
"summary": "SUSE Bug 1152472",
"url": "https://bugzilla.suse.com/1152472"
},
{
"category": "self",
"summary": "SUSE Bug 1152489",
"url": "https://bugzilla.suse.com/1152489"
},
{
"category": "self",
"summary": "SUSE Bug 1153274",
"url": "https://bugzilla.suse.com/1153274"
},
{
"category": "self",
"summary": "SUSE Bug 1154353",
"url": "https://bugzilla.suse.com/1154353"
},
{
"category": "self",
"summary": "SUSE Bug 1154488",
"url": "https://bugzilla.suse.com/1154488"
},
{
"category": "self",
"summary": "SUSE Bug 1154492",
"url": "https://bugzilla.suse.com/1154492"
},
{
"category": "self",
"summary": "SUSE Bug 1154824",
"url": "https://bugzilla.suse.com/1154824"
},
{
"category": "self",
"summary": "SUSE Bug 1155518",
"url": "https://bugzilla.suse.com/1155518"
},
{
"category": "self",
"summary": "SUSE Bug 1155798",
"url": "https://bugzilla.suse.com/1155798"
},
{
"category": "self",
"summary": "SUSE Bug 1156315",
"url": "https://bugzilla.suse.com/1156315"
},
{
"category": "self",
"summary": "SUSE Bug 1156395",
"url": "https://bugzilla.suse.com/1156395"
},
{
"category": "self",
"summary": "SUSE Bug 1157169",
"url": "https://bugzilla.suse.com/1157169"
},
{
"category": "self",
"summary": "SUSE Bug 1158050",
"url": "https://bugzilla.suse.com/1158050"
},
{
"category": "self",
"summary": "SUSE Bug 1158242",
"url": "https://bugzilla.suse.com/1158242"
},
{
"category": "self",
"summary": "SUSE Bug 1158265",
"url": "https://bugzilla.suse.com/1158265"
},
{
"category": "self",
"summary": "SUSE Bug 1158748",
"url": "https://bugzilla.suse.com/1158748"
},
{
"category": "self",
"summary": "SUSE Bug 1158765",
"url": "https://bugzilla.suse.com/1158765"
},
{
"category": "self",
"summary": "SUSE Bug 1158775",
"url": "https://bugzilla.suse.com/1158775"
},
{
"category": "self",
"summary": "SUSE Bug 1158983",
"url": "https://bugzilla.suse.com/1158983"
},
{
"category": "self",
"summary": "SUSE Bug 1159058",
"url": "https://bugzilla.suse.com/1159058"
},
{
"category": "self",
"summary": "SUSE Bug 1159781",
"url": "https://bugzilla.suse.com/1159781"
},
{
"category": "self",
"summary": "SUSE Bug 1159867",
"url": "https://bugzilla.suse.com/1159867"
},
{
"category": "self",
"summary": "SUSE Bug 1159886",
"url": "https://bugzilla.suse.com/1159886"
},
{
"category": "self",
"summary": "SUSE Bug 1160388",
"url": "https://bugzilla.suse.com/1160388"
},
{
"category": "self",
"summary": "SUSE Bug 1160634",
"url": "https://bugzilla.suse.com/1160634"
},
{
"category": "self",
"summary": "SUSE Bug 1160947",
"url": "https://bugzilla.suse.com/1160947"
},
{
"category": "self",
"summary": "SUSE Bug 1161099",
"url": "https://bugzilla.suse.com/1161099"
},
{
"category": "self",
"summary": "SUSE Bug 1161495",
"url": "https://bugzilla.suse.com/1161495"
},
{
"category": "self",
"summary": "SUSE Bug 1162002",
"url": "https://bugzilla.suse.com/1162002"
},
{
"category": "self",
"summary": "SUSE Bug 1162063",
"url": "https://bugzilla.suse.com/1162063"
},
{
"category": "self",
"summary": "SUSE Bug 1162209",
"url": "https://bugzilla.suse.com/1162209"
},
{
"category": "self",
"summary": "SUSE Bug 1162400",
"url": "https://bugzilla.suse.com/1162400"
},
{
"category": "self",
"summary": "SUSE Bug 1162702",
"url": "https://bugzilla.suse.com/1162702"
},
{
"category": "self",
"summary": "SUSE Bug 1163592",
"url": "https://bugzilla.suse.com/1163592"
},
{
"category": "self",
"summary": "SUSE Bug 1163727",
"url": "https://bugzilla.suse.com/1163727"
},
{
"category": "self",
"summary": "SUSE Bug 1164648",
"url": "https://bugzilla.suse.com/1164648"
},
{
"category": "self",
"summary": "SUSE Bug 1164777",
"url": "https://bugzilla.suse.com/1164777"
},
{
"category": "self",
"summary": "SUSE Bug 1164780",
"url": "https://bugzilla.suse.com/1164780"
},
{
"category": "self",
"summary": "SUSE Bug 1165211",
"url": "https://bugzilla.suse.com/1165211"
},
{
"category": "self",
"summary": "SUSE Bug 1165455",
"url": "https://bugzilla.suse.com/1165455"
},
{
"category": "self",
"summary": "SUSE Bug 1165629",
"url": "https://bugzilla.suse.com/1165629"
},
{
"category": "self",
"summary": "SUSE Bug 1165692",
"url": "https://bugzilla.suse.com/1165692"
},
{
"category": "self",
"summary": "SUSE Bug 1165933",
"url": "https://bugzilla.suse.com/1165933"
},
{
"category": "self",
"summary": "SUSE Bug 1165975",
"url": "https://bugzilla.suse.com/1165975"
},
{
"category": "self",
"summary": "SUSE Bug 1166146",
"url": "https://bugzilla.suse.com/1166146"
},
{
"category": "self",
"summary": "SUSE Bug 1166166",
"url": "https://bugzilla.suse.com/1166166"
},
{
"category": "self",
"summary": "SUSE Bug 1166340",
"url": "https://bugzilla.suse.com/1166340"
},
{
"category": "self",
"summary": "SUSE Bug 1166965",
"url": "https://bugzilla.suse.com/1166965"
},
{
"category": "self",
"summary": "SUSE Bug 1166985",
"url": "https://bugzilla.suse.com/1166985"
},
{
"category": "self",
"summary": "SUSE Bug 1167030",
"url": "https://bugzilla.suse.com/1167030"
},
{
"category": "self",
"summary": "SUSE Bug 1167104",
"url": "https://bugzilla.suse.com/1167104"
},
{
"category": "self",
"summary": "SUSE Bug 1167527",
"url": "https://bugzilla.suse.com/1167527"
},
{
"category": "self",
"summary": "SUSE Bug 1167651",
"url": "https://bugzilla.suse.com/1167651"
},
{
"category": "self",
"summary": "SUSE Bug 1167657",
"url": "https://bugzilla.suse.com/1167657"
},
{
"category": "self",
"summary": "SUSE Bug 1167773",
"url": "https://bugzilla.suse.com/1167773"
},
{
"category": "self",
"summary": "SUSE Bug 1167851",
"url": "https://bugzilla.suse.com/1167851"
},
{
"category": "self",
"summary": "SUSE Bug 1168230",
"url": "https://bugzilla.suse.com/1168230"
},
{
"category": "self",
"summary": "SUSE Bug 1168461",
"url": "https://bugzilla.suse.com/1168461"
},
{
"category": "self",
"summary": "SUSE Bug 1168468",
"url": "https://bugzilla.suse.com/1168468"
},
{
"category": "self",
"summary": "SUSE Bug 1168779",
"url": "https://bugzilla.suse.com/1168779"
},
{
"category": "self",
"summary": "SUSE Bug 1168838",
"url": "https://bugzilla.suse.com/1168838"
},
{
"category": "self",
"summary": "SUSE Bug 1168952",
"url": "https://bugzilla.suse.com/1168952"
},
{
"category": "self",
"summary": "SUSE Bug 1168959",
"url": "https://bugzilla.suse.com/1168959"
},
{
"category": "self",
"summary": "SUSE Bug 1169021",
"url": "https://bugzilla.suse.com/1169021"
},
{
"category": "self",
"summary": "SUSE Bug 1169094",
"url": "https://bugzilla.suse.com/1169094"
},
{
"category": "self",
"summary": "SUSE Bug 1169194",
"url": "https://bugzilla.suse.com/1169194"
},
{
"category": "self",
"summary": "SUSE Bug 1169263",
"url": "https://bugzilla.suse.com/1169263"
},
{
"category": "self",
"summary": "SUSE Bug 1169514",
"url": "https://bugzilla.suse.com/1169514"
},
{
"category": "self",
"summary": "SUSE Bug 1169681",
"url": "https://bugzilla.suse.com/1169681"
},
{
"category": "self",
"summary": "SUSE Bug 1169763",
"url": "https://bugzilla.suse.com/1169763"
},
{
"category": "self",
"summary": "SUSE Bug 1169771",
"url": "https://bugzilla.suse.com/1169771"
},
{
"category": "self",
"summary": "SUSE Bug 1169790",
"url": "https://bugzilla.suse.com/1169790"
},
{
"category": "self",
"summary": "SUSE Bug 1169795",
"url": "https://bugzilla.suse.com/1169795"
},
{
"category": "self",
"summary": "SUSE Bug 1170011",
"url": "https://bugzilla.suse.com/1170011"
},
{
"category": "self",
"summary": "SUSE Bug 1170139",
"url": "https://bugzilla.suse.com/1170139"
},
{
"category": "self",
"summary": "SUSE Bug 1170232",
"url": "https://bugzilla.suse.com/1170232"
},
{
"category": "self",
"summary": "SUSE Bug 1170284",
"url": "https://bugzilla.suse.com/1170284"
},
{
"category": "self",
"summary": "SUSE Bug 1170415",
"url": "https://bugzilla.suse.com/1170415"
},
{
"category": "self",
"summary": "SUSE Bug 1170442",
"url": "https://bugzilla.suse.com/1170442"
},
{
"category": "self",
"summary": "SUSE Bug 1170617",
"url": "https://bugzilla.suse.com/1170617"
},
{
"category": "self",
"summary": "SUSE Bug 1170621",
"url": "https://bugzilla.suse.com/1170621"
},
{
"category": "self",
"summary": "SUSE Bug 1170774",
"url": "https://bugzilla.suse.com/1170774"
},
{
"category": "self",
"summary": "SUSE Bug 1170879",
"url": "https://bugzilla.suse.com/1170879"
},
{
"category": "self",
"summary": "SUSE Bug 1170891",
"url": "https://bugzilla.suse.com/1170891"
},
{
"category": "self",
"summary": "SUSE Bug 1170895",
"url": "https://bugzilla.suse.com/1170895"
},
{
"category": "self",
"summary": "SUSE Bug 1171000",
"url": "https://bugzilla.suse.com/1171000"
},
{
"category": "self",
"summary": "SUSE Bug 1171068",
"url": "https://bugzilla.suse.com/1171068"
},
{
"category": "self",
"summary": "SUSE Bug 1171073",
"url": "https://bugzilla.suse.com/1171073"
},
{
"category": "self",
"summary": "SUSE Bug 1171078",
"url": "https://bugzilla.suse.com/1171078"
},
{
"category": "self",
"summary": "SUSE Bug 1171117",
"url": "https://bugzilla.suse.com/1171117"
},
{
"category": "self",
"summary": "SUSE Bug 1171150",
"url": "https://bugzilla.suse.com/1171150"
},
{
"category": "self",
"summary": "SUSE Bug 1171156",
"url": "https://bugzilla.suse.com/1171156"
},
{
"category": "self",
"summary": "SUSE Bug 1171189",
"url": "https://bugzilla.suse.com/1171189"
},
{
"category": "self",
"summary": "SUSE Bug 1171191",
"url": "https://bugzilla.suse.com/1171191"
},
{
"category": "self",
"summary": "SUSE Bug 1171218",
"url": "https://bugzilla.suse.com/1171218"
},
{
"category": "self",
"summary": "SUSE Bug 1171219",
"url": "https://bugzilla.suse.com/1171219"
},
{
"category": "self",
"summary": "SUSE Bug 1171220",
"url": "https://bugzilla.suse.com/1171220"
},
{
"category": "self",
"summary": "SUSE Bug 1171236",
"url": "https://bugzilla.suse.com/1171236"
},
{
"category": "self",
"summary": "SUSE Bug 1171242",
"url": "https://bugzilla.suse.com/1171242"
},
{
"category": "self",
"summary": "SUSE Bug 1171246",
"url": "https://bugzilla.suse.com/1171246"
},
{
"category": "self",
"summary": "SUSE Bug 1171285",
"url": "https://bugzilla.suse.com/1171285"
},
{
"category": "self",
"summary": "SUSE Bug 1171293",
"url": "https://bugzilla.suse.com/1171293"
},
{
"category": "self",
"summary": "SUSE Bug 1171374",
"url": "https://bugzilla.suse.com/1171374"
},
{
"category": "self",
"summary": "SUSE Bug 1171390",
"url": "https://bugzilla.suse.com/1171390"
},
{
"category": "self",
"summary": "SUSE Bug 1171391",
"url": "https://bugzilla.suse.com/1171391"
},
{
"category": "self",
"summary": "SUSE Bug 1171392",
"url": "https://bugzilla.suse.com/1171392"
},
{
"category": "self",
"summary": "SUSE Bug 1171417",
"url": "https://bugzilla.suse.com/1171417"
},
{
"category": "self",
"summary": "SUSE Bug 1171426",
"url": "https://bugzilla.suse.com/1171426"
},
{
"category": "self",
"summary": "SUSE Bug 1171507",
"url": "https://bugzilla.suse.com/1171507"
},
{
"category": "self",
"summary": "SUSE Bug 1171513",
"url": "https://bugzilla.suse.com/1171513"
},
{
"category": "self",
"summary": "SUSE Bug 1171514",
"url": "https://bugzilla.suse.com/1171514"
},
{
"category": "self",
"summary": "SUSE Bug 1171529",
"url": "https://bugzilla.suse.com/1171529"
},
{
"category": "self",
"summary": "SUSE Bug 1171530",
"url": "https://bugzilla.suse.com/1171530"
},
{
"category": "self",
"summary": "SUSE Bug 1171558",
"url": "https://bugzilla.suse.com/1171558"
},
{
"category": "self",
"summary": "SUSE Bug 1171634",
"url": "https://bugzilla.suse.com/1171634"
},
{
"category": "self",
"summary": "SUSE Bug 1171644",
"url": "https://bugzilla.suse.com/1171644"
},
{
"category": "self",
"summary": "SUSE Bug 1171662",
"url": "https://bugzilla.suse.com/1171662"
},
{
"category": "self",
"summary": "SUSE Bug 1171675",
"url": "https://bugzilla.suse.com/1171675"
},
{
"category": "self",
"summary": "SUSE Bug 1171688",
"url": "https://bugzilla.suse.com/1171688"
},
{
"category": "self",
"summary": "SUSE Bug 1171699",
"url": "https://bugzilla.suse.com/1171699"
},
{
"category": "self",
"summary": "SUSE Bug 1171709",
"url": "https://bugzilla.suse.com/1171709"
},
{
"category": "self",
"summary": "SUSE Bug 1171730",
"url": "https://bugzilla.suse.com/1171730"
},
{
"category": "self",
"summary": "SUSE Bug 1171732",
"url": "https://bugzilla.suse.com/1171732"
},
{
"category": "self",
"summary": "SUSE Bug 1171736",
"url": "https://bugzilla.suse.com/1171736"
},
{
"category": "self",
"summary": "SUSE Bug 1171739",
"url": "https://bugzilla.suse.com/1171739"
},
{
"category": "self",
"summary": "SUSE Bug 1171742",
"url": "https://bugzilla.suse.com/1171742"
},
{
"category": "self",
"summary": "SUSE Bug 1171743",
"url": "https://bugzilla.suse.com/1171743"
},
{
"category": "self",
"summary": "SUSE Bug 1171759",
"url": "https://bugzilla.suse.com/1171759"
},
{
"category": "self",
"summary": "SUSE Bug 1171773",
"url": "https://bugzilla.suse.com/1171773"
},
{
"category": "self",
"summary": "SUSE Bug 1171774",
"url": "https://bugzilla.suse.com/1171774"
},
{
"category": "self",
"summary": "SUSE Bug 1171775",
"url": "https://bugzilla.suse.com/1171775"
},
{
"category": "self",
"summary": "SUSE Bug 1171776",
"url": "https://bugzilla.suse.com/1171776"
},
{
"category": "self",
"summary": "SUSE Bug 1171777",
"url": "https://bugzilla.suse.com/1171777"
},
{
"category": "self",
"summary": "SUSE Bug 1171778",
"url": "https://bugzilla.suse.com/1171778"
},
{
"category": "self",
"summary": "SUSE Bug 1171779",
"url": "https://bugzilla.suse.com/1171779"
},
{
"category": "self",
"summary": "SUSE Bug 1171780",
"url": "https://bugzilla.suse.com/1171780"
},
{
"category": "self",
"summary": "SUSE Bug 1171781",
"url": "https://bugzilla.suse.com/1171781"
},
{
"category": "self",
"summary": "SUSE Bug 1171782",
"url": "https://bugzilla.suse.com/1171782"
},
{
"category": "self",
"summary": "SUSE Bug 1171783",
"url": "https://bugzilla.suse.com/1171783"
},
{
"category": "self",
"summary": "SUSE Bug 1171784",
"url": "https://bugzilla.suse.com/1171784"
},
{
"category": "self",
"summary": "SUSE Bug 1171785",
"url": "https://bugzilla.suse.com/1171785"
},
{
"category": "self",
"summary": "SUSE Bug 1171786",
"url": "https://bugzilla.suse.com/1171786"
},
{
"category": "self",
"summary": "SUSE Bug 1171787",
"url": "https://bugzilla.suse.com/1171787"
},
{
"category": "self",
"summary": "SUSE Bug 1171788",
"url": "https://bugzilla.suse.com/1171788"
},
{
"category": "self",
"summary": "SUSE Bug 1171789",
"url": "https://bugzilla.suse.com/1171789"
},
{
"category": "self",
"summary": "SUSE Bug 1171790",
"url": "https://bugzilla.suse.com/1171790"
},
{
"category": "self",
"summary": "SUSE Bug 1171791",
"url": "https://bugzilla.suse.com/1171791"
},
{
"category": "self",
"summary": "SUSE Bug 1171792",
"url": "https://bugzilla.suse.com/1171792"
},
{
"category": "self",
"summary": "SUSE Bug 1171793",
"url": "https://bugzilla.suse.com/1171793"
},
{
"category": "self",
"summary": "SUSE Bug 1171794",
"url": "https://bugzilla.suse.com/1171794"
},
{
"category": "self",
"summary": "SUSE Bug 1171795",
"url": "https://bugzilla.suse.com/1171795"
},
{
"category": "self",
"summary": "SUSE Bug 1171796",
"url": "https://bugzilla.suse.com/1171796"
},
{
"category": "self",
"summary": "SUSE Bug 1171797",
"url": "https://bugzilla.suse.com/1171797"
},
{
"category": "self",
"summary": "SUSE Bug 1171798",
"url": "https://bugzilla.suse.com/1171798"
},
{
"category": "self",
"summary": "SUSE Bug 1171799",
"url": "https://bugzilla.suse.com/1171799"
},
{
"category": "self",
"summary": "SUSE Bug 1171810",
"url": "https://bugzilla.suse.com/1171810"
},
{
"category": "self",
"summary": "SUSE Bug 1171827",
"url": "https://bugzilla.suse.com/1171827"
},
{
"category": "self",
"summary": "SUSE Bug 1171828",
"url": "https://bugzilla.suse.com/1171828"
},
{
"category": "self",
"summary": "SUSE Bug 1171832",
"url": "https://bugzilla.suse.com/1171832"
},
{
"category": "self",
"summary": "SUSE Bug 1171833",
"url": "https://bugzilla.suse.com/1171833"
},
{
"category": "self",
"summary": "SUSE Bug 1171834",
"url": "https://bugzilla.suse.com/1171834"
},
{
"category": "self",
"summary": "SUSE Bug 1171835",
"url": "https://bugzilla.suse.com/1171835"
},
{
"category": "self",
"summary": "SUSE Bug 1171839",
"url": "https://bugzilla.suse.com/1171839"
},
{
"category": "self",
"summary": "SUSE Bug 1171840",
"url": "https://bugzilla.suse.com/1171840"
},
{
"category": "self",
"summary": "SUSE Bug 1171841",
"url": "https://bugzilla.suse.com/1171841"
},
{
"category": "self",
"summary": "SUSE Bug 1171842",
"url": "https://bugzilla.suse.com/1171842"
},
{
"category": "self",
"summary": "SUSE Bug 1171843",
"url": "https://bugzilla.suse.com/1171843"
},
{
"category": "self",
"summary": "SUSE Bug 1171844",
"url": "https://bugzilla.suse.com/1171844"
},
{
"category": "self",
"summary": "SUSE Bug 1171849",
"url": "https://bugzilla.suse.com/1171849"
},
{
"category": "self",
"summary": "SUSE Bug 1171857",
"url": "https://bugzilla.suse.com/1171857"
},
{
"category": "self",
"summary": "SUSE Bug 1171868",
"url": "https://bugzilla.suse.com/1171868"
},
{
"category": "self",
"summary": "SUSE Bug 1171904",
"url": "https://bugzilla.suse.com/1171904"
},
{
"category": "self",
"summary": "SUSE Bug 1171915",
"url": "https://bugzilla.suse.com/1171915"
},
{
"category": "self",
"summary": "SUSE Bug 1171982",
"url": "https://bugzilla.suse.com/1171982"
},
{
"category": "self",
"summary": "SUSE Bug 1171983",
"url": "https://bugzilla.suse.com/1171983"
},
{
"category": "self",
"summary": "SUSE Bug 1171988",
"url": "https://bugzilla.suse.com/1171988"
},
{
"category": "self",
"summary": "SUSE Bug 1172017",
"url": "https://bugzilla.suse.com/1172017"
},
{
"category": "self",
"summary": "SUSE Bug 1172046",
"url": "https://bugzilla.suse.com/1172046"
},
{
"category": "self",
"summary": "SUSE Bug 1172061",
"url": "https://bugzilla.suse.com/1172061"
},
{
"category": "self",
"summary": "SUSE Bug 1172062",
"url": "https://bugzilla.suse.com/1172062"
},
{
"category": "self",
"summary": "SUSE Bug 1172063",
"url": "https://bugzilla.suse.com/1172063"
},
{
"category": "self",
"summary": "SUSE Bug 1172064",
"url": "https://bugzilla.suse.com/1172064"
},
{
"category": "self",
"summary": "SUSE Bug 1172065",
"url": "https://bugzilla.suse.com/1172065"
},
{
"category": "self",
"summary": "SUSE Bug 1172066",
"url": "https://bugzilla.suse.com/1172066"
},
{
"category": "self",
"summary": "SUSE Bug 1172067",
"url": "https://bugzilla.suse.com/1172067"
},
{
"category": "self",
"summary": "SUSE Bug 1172068",
"url": "https://bugzilla.suse.com/1172068"
},
{
"category": "self",
"summary": "SUSE Bug 1172069",
"url": "https://bugzilla.suse.com/1172069"
},
{
"category": "self",
"summary": "SUSE Bug 1172073",
"url": "https://bugzilla.suse.com/1172073"
},
{
"category": "self",
"summary": "SUSE Bug 1172086",
"url": "https://bugzilla.suse.com/1172086"
},
{
"category": "self",
"summary": "SUSE Bug 1172095",
"url": "https://bugzilla.suse.com/1172095"
},
{
"category": "self",
"summary": "SUSE Bug 1172108",
"url": "https://bugzilla.suse.com/1172108"
},
{
"category": "self",
"summary": "SUSE Bug 1172145",
"url": "https://bugzilla.suse.com/1172145"
},
{
"category": "self",
"summary": "SUSE Bug 1172169",
"url": "https://bugzilla.suse.com/1172169"
},
{
"category": "self",
"summary": "SUSE Bug 1172170",
"url": "https://bugzilla.suse.com/1172170"
},
{
"category": "self",
"summary": "SUSE Bug 1172197",
"url": "https://bugzilla.suse.com/1172197"
},
{
"category": "self",
"summary": "SUSE Bug 1172201",
"url": "https://bugzilla.suse.com/1172201"
},
{
"category": "self",
"summary": "SUSE Bug 1172208",
"url": "https://bugzilla.suse.com/1172208"
},
{
"category": "self",
"summary": "SUSE Bug 1172223",
"url": "https://bugzilla.suse.com/1172223"
},
{
"category": "self",
"summary": "SUSE Bug 1172247",
"url": "https://bugzilla.suse.com/1172247"
},
{
"category": "self",
"summary": "SUSE Bug 1172317",
"url": "https://bugzilla.suse.com/1172317"
},
{
"category": "self",
"summary": "SUSE Bug 1172342",
"url": "https://bugzilla.suse.com/1172342"
},
{
"category": "self",
"summary": "SUSE Bug 1172343",
"url": "https://bugzilla.suse.com/1172343"
},
{
"category": "self",
"summary": "SUSE Bug 1172344",
"url": "https://bugzilla.suse.com/1172344"
},
{
"category": "self",
"summary": "SUSE Bug 1172365",
"url": "https://bugzilla.suse.com/1172365"
},
{
"category": "self",
"summary": "SUSE Bug 1172366",
"url": "https://bugzilla.suse.com/1172366"
},
{
"category": "self",
"summary": "SUSE Bug 1172374",
"url": "https://bugzilla.suse.com/1172374"
},
{
"category": "self",
"summary": "SUSE Bug 1172391",
"url": "https://bugzilla.suse.com/1172391"
},
{
"category": "self",
"summary": "SUSE Bug 1172393",
"url": "https://bugzilla.suse.com/1172393"
},
{
"category": "self",
"summary": "SUSE Bug 1172394",
"url": "https://bugzilla.suse.com/1172394"
},
{
"category": "self",
"summary": "SUSE Bug 1172418",
"url": "https://bugzilla.suse.com/1172418"
},
{
"category": "self",
"summary": "SUSE Bug 1172419",
"url": "https://bugzilla.suse.com/1172419"
},
{
"category": "self",
"summary": "SUSE Bug 1172453",
"url": "https://bugzilla.suse.com/1172453"
},
{
"category": "self",
"summary": "SUSE Bug 1172458",
"url": "https://bugzilla.suse.com/1172458"
},
{
"category": "self",
"summary": "SUSE Bug 1172467",
"url": "https://bugzilla.suse.com/1172467"
},
{
"category": "self",
"summary": "SUSE Bug 1172484",
"url": "https://bugzilla.suse.com/1172484"
},
{
"category": "self",
"summary": "SUSE Bug 1172537",
"url": "https://bugzilla.suse.com/1172537"
},
{
"category": "self",
"summary": "SUSE Bug 1172543",
"url": "https://bugzilla.suse.com/1172543"
},
{
"category": "self",
"summary": "SUSE Bug 1172687",
"url": "https://bugzilla.suse.com/1172687"
},
{
"category": "self",
"summary": "SUSE Bug 1172719",
"url": "https://bugzilla.suse.com/1172719"
},
{
"category": "self",
"summary": "SUSE Bug 1172733",
"url": "https://bugzilla.suse.com/1172733"
},
{
"category": "self",
"summary": "SUSE Bug 1172739",
"url": "https://bugzilla.suse.com/1172739"
},
{
"category": "self",
"summary": "SUSE Bug 1172751",
"url": "https://bugzilla.suse.com/1172751"
},
{
"category": "self",
"summary": "SUSE Bug 1172757",
"url": "https://bugzilla.suse.com/1172757"
},
{
"category": "self",
"summary": "SUSE Bug 1172759",
"url": "https://bugzilla.suse.com/1172759"
},
{
"category": "self",
"summary": "SUSE Bug 1172775",
"url": "https://bugzilla.suse.com/1172775"
},
{
"category": "self",
"summary": "SUSE Bug 1172781",
"url": "https://bugzilla.suse.com/1172781"
},
{
"category": "self",
"summary": "SUSE Bug 1172782",
"url": "https://bugzilla.suse.com/1172782"
},
{
"category": "self",
"summary": "SUSE Bug 1172783",
"url": "https://bugzilla.suse.com/1172783"
},
{
"category": "self",
"summary": "SUSE Bug 1172814",
"url": "https://bugzilla.suse.com/1172814"
},
{
"category": "self",
"summary": "SUSE Bug 1172823",
"url": "https://bugzilla.suse.com/1172823"
},
{
"category": "self",
"summary": "SUSE Bug 1172841",
"url": "https://bugzilla.suse.com/1172841"
},
{
"category": "self",
"summary": "SUSE Bug 1172871",
"url": "https://bugzilla.suse.com/1172871"
},
{
"category": "self",
"summary": "SUSE Bug 1172873",
"url": "https://bugzilla.suse.com/1172873"
},
{
"category": "self",
"summary": "SUSE Bug 1172938",
"url": "https://bugzilla.suse.com/1172938"
},
{
"category": "self",
"summary": "SUSE Bug 1172939",
"url": "https://bugzilla.suse.com/1172939"
},
{
"category": "self",
"summary": "SUSE Bug 1172940",
"url": "https://bugzilla.suse.com/1172940"
},
{
"category": "self",
"summary": "SUSE Bug 1172956",
"url": "https://bugzilla.suse.com/1172956"
},
{
"category": "self",
"summary": "SUSE Bug 1172963",
"url": "https://bugzilla.suse.com/1172963"
},
{
"category": "self",
"summary": "SUSE Bug 1172983",
"url": "https://bugzilla.suse.com/1172983"
},
{
"category": "self",
"summary": "SUSE Bug 1172984",
"url": "https://bugzilla.suse.com/1172984"
},
{
"category": "self",
"summary": "SUSE Bug 1172985",
"url": "https://bugzilla.suse.com/1172985"
},
{
"category": "self",
"summary": "SUSE Bug 1172986",
"url": "https://bugzilla.suse.com/1172986"
},
{
"category": "self",
"summary": "SUSE Bug 1172987",
"url": "https://bugzilla.suse.com/1172987"
},
{
"category": "self",
"summary": "SUSE Bug 1172988",
"url": "https://bugzilla.suse.com/1172988"
},
{
"category": "self",
"summary": "SUSE Bug 1172989",
"url": "https://bugzilla.suse.com/1172989"
},
{
"category": "self",
"summary": "SUSE Bug 1172990",
"url": "https://bugzilla.suse.com/1172990"
},
{
"category": "self",
"summary": "SUSE Bug 1172999",
"url": "https://bugzilla.suse.com/1172999"
},
{
"category": "self",
"summary": "SUSE Bug 1173017",
"url": "https://bugzilla.suse.com/1173017"
},
{
"category": "self",
"summary": "SUSE Bug 1173068",
"url": "https://bugzilla.suse.com/1173068"
},
{
"category": "self",
"summary": "SUSE Bug 1173074",
"url": "https://bugzilla.suse.com/1173074"
},
{
"category": "self",
"summary": "SUSE Bug 1173085",
"url": "https://bugzilla.suse.com/1173085"
},
{
"category": "self",
"summary": "SUSE Bug 1173115",
"url": "https://bugzilla.suse.com/1173115"
},
{
"category": "self",
"summary": "SUSE Bug 1173139",
"url": "https://bugzilla.suse.com/1173139"
},
{
"category": "self",
"summary": "SUSE Bug 1173206",
"url": "https://bugzilla.suse.com/1173206"
},
{
"category": "self",
"summary": "SUSE Bug 1173267",
"url": "https://bugzilla.suse.com/1173267"
},
{
"category": "self",
"summary": "SUSE Bug 1173271",
"url": "https://bugzilla.suse.com/1173271"
},
{
"category": "self",
"summary": "SUSE Bug 1173280",
"url": "https://bugzilla.suse.com/1173280"
},
{
"category": "self",
"summary": "SUSE Bug 1173284",
"url": "https://bugzilla.suse.com/1173284"
},
{
"category": "self",
"summary": "SUSE Bug 1173428",
"url": "https://bugzilla.suse.com/1173428"
},
{
"category": "self",
"summary": "SUSE Bug 1173438",
"url": "https://bugzilla.suse.com/1173438"
},
{
"category": "self",
"summary": "SUSE Bug 1173461",
"url": "https://bugzilla.suse.com/1173461"
},
{
"category": "self",
"summary": "SUSE Bug 1173468",
"url": "https://bugzilla.suse.com/1173468"
},
{
"category": "self",
"summary": "SUSE Bug 1173485",
"url": "https://bugzilla.suse.com/1173485"
},
{
"category": "self",
"summary": "SUSE Bug 1173514",
"url": "https://bugzilla.suse.com/1173514"
},
{
"category": "self",
"summary": "SUSE Bug 1173552",
"url": "https://bugzilla.suse.com/1173552"
},
{
"category": "self",
"summary": "SUSE Bug 1173573",
"url": "https://bugzilla.suse.com/1173573"
},
{
"category": "self",
"summary": "SUSE Bug 1173625",
"url": "https://bugzilla.suse.com/1173625"
},
{
"category": "self",
"summary": "SUSE Bug 1173746",
"url": "https://bugzilla.suse.com/1173746"
},
{
"category": "self",
"summary": "SUSE Bug 1173776",
"url": "https://bugzilla.suse.com/1173776"
},
{
"category": "self",
"summary": "SUSE Bug 1173798",
"url": "https://bugzilla.suse.com/1173798"
},
{
"category": "self",
"summary": "SUSE Bug 1173813",
"url": "https://bugzilla.suse.com/1173813"
},
{
"category": "self",
"summary": "SUSE Bug 1173817",
"url": "https://bugzilla.suse.com/1173817"
},
{
"category": "self",
"summary": "SUSE Bug 1173818",
"url": "https://bugzilla.suse.com/1173818"
},
{
"category": "self",
"summary": "SUSE Bug 1173820",
"url": "https://bugzilla.suse.com/1173820"
},
{
"category": "self",
"summary": "SUSE Bug 1173822",
"url": "https://bugzilla.suse.com/1173822"
},
{
"category": "self",
"summary": "SUSE Bug 1173823",
"url": "https://bugzilla.suse.com/1173823"
},
{
"category": "self",
"summary": "SUSE Bug 1173824",
"url": "https://bugzilla.suse.com/1173824"
},
{
"category": "self",
"summary": "SUSE Bug 1173825",
"url": "https://bugzilla.suse.com/1173825"
},
{
"category": "self",
"summary": "SUSE Bug 1173826",
"url": "https://bugzilla.suse.com/1173826"
},
{
"category": "self",
"summary": "SUSE Bug 1173827",
"url": "https://bugzilla.suse.com/1173827"
},
{
"category": "self",
"summary": "SUSE Bug 1173828",
"url": "https://bugzilla.suse.com/1173828"
},
{
"category": "self",
"summary": "SUSE Bug 1173830",
"url": "https://bugzilla.suse.com/1173830"
},
{
"category": "self",
"summary": "SUSE Bug 1173831",
"url": "https://bugzilla.suse.com/1173831"
},
{
"category": "self",
"summary": "SUSE Bug 1173832",
"url": "https://bugzilla.suse.com/1173832"
},
{
"category": "self",
"summary": "SUSE Bug 1173833",
"url": "https://bugzilla.suse.com/1173833"
},
{
"category": "self",
"summary": "SUSE Bug 1173834",
"url": "https://bugzilla.suse.com/1173834"
},
{
"category": "self",
"summary": "SUSE Bug 1173836",
"url": "https://bugzilla.suse.com/1173836"
},
{
"category": "self",
"summary": "SUSE Bug 1173837",
"url": "https://bugzilla.suse.com/1173837"
},
{
"category": "self",
"summary": "SUSE Bug 1173838",
"url": "https://bugzilla.suse.com/1173838"
},
{
"category": "self",
"summary": "SUSE Bug 1173839",
"url": "https://bugzilla.suse.com/1173839"
},
{
"category": "self",
"summary": "SUSE Bug 1173841",
"url": "https://bugzilla.suse.com/1173841"
},
{
"category": "self",
"summary": "SUSE Bug 1173843",
"url": "https://bugzilla.suse.com/1173843"
},
{
"category": "self",
"summary": "SUSE Bug 1173844",
"url": "https://bugzilla.suse.com/1173844"
},
{
"category": "self",
"summary": "SUSE Bug 1173845",
"url": "https://bugzilla.suse.com/1173845"
},
{
"category": "self",
"summary": "SUSE Bug 1173847",
"url": "https://bugzilla.suse.com/1173847"
},
{
"category": "self",
"summary": "SUSE Bug 1173849",
"url": "https://bugzilla.suse.com/1173849"
},
{
"category": "self",
"summary": "SUSE Bug 1173860",
"url": "https://bugzilla.suse.com/1173860"
},
{
"category": "self",
"summary": "SUSE Bug 1173894",
"url": "https://bugzilla.suse.com/1173894"
},
{
"category": "self",
"summary": "SUSE Bug 1173941",
"url": "https://bugzilla.suse.com/1173941"
},
{
"category": "self",
"summary": "SUSE Bug 1173954",
"url": "https://bugzilla.suse.com/1173954"
},
{
"category": "self",
"summary": "SUSE Bug 1174002",
"url": "https://bugzilla.suse.com/1174002"
},
{
"category": "self",
"summary": "SUSE Bug 1174003",
"url": "https://bugzilla.suse.com/1174003"
},
{
"category": "self",
"summary": "SUSE Bug 1174018",
"url": "https://bugzilla.suse.com/1174018"
},
{
"category": "self",
"summary": "SUSE Bug 1174026",
"url": "https://bugzilla.suse.com/1174026"
},
{
"category": "self",
"summary": "SUSE Bug 1174029",
"url": "https://bugzilla.suse.com/1174029"
},
{
"category": "self",
"summary": "SUSE Bug 1174072",
"url": "https://bugzilla.suse.com/1174072"
},
{
"category": "self",
"summary": "SUSE Bug 1174098",
"url": "https://bugzilla.suse.com/1174098"
},
{
"category": "self",
"summary": "SUSE Bug 1174110",
"url": "https://bugzilla.suse.com/1174110"
},
{
"category": "self",
"summary": "SUSE Bug 1174111",
"url": "https://bugzilla.suse.com/1174111"
},
{
"category": "self",
"summary": "SUSE Bug 1174116",
"url": "https://bugzilla.suse.com/1174116"
},
{
"category": "self",
"summary": "SUSE Bug 1174126",
"url": "https://bugzilla.suse.com/1174126"
},
{
"category": "self",
"summary": "SUSE Bug 1174127",
"url": "https://bugzilla.suse.com/1174127"
},
{
"category": "self",
"summary": "SUSE Bug 1174128",
"url": "https://bugzilla.suse.com/1174128"
},
{
"category": "self",
"summary": "SUSE Bug 1174129",
"url": "https://bugzilla.suse.com/1174129"
},
{
"category": "self",
"summary": "SUSE Bug 1174146",
"url": "https://bugzilla.suse.com/1174146"
},
{
"category": "self",
"summary": "SUSE Bug 1174185",
"url": "https://bugzilla.suse.com/1174185"
},
{
"category": "self",
"summary": "SUSE Bug 1174205",
"url": "https://bugzilla.suse.com/1174205"
},
{
"category": "self",
"summary": "SUSE Bug 1174244",
"url": "https://bugzilla.suse.com/1174244"
},
{
"category": "self",
"summary": "SUSE Bug 1174263",
"url": "https://bugzilla.suse.com/1174263"
},
{
"category": "self",
"summary": "SUSE Bug 1174264",
"url": "https://bugzilla.suse.com/1174264"
},
{
"category": "self",
"summary": "SUSE Bug 1174331",
"url": "https://bugzilla.suse.com/1174331"
},
{
"category": "self",
"summary": "SUSE Bug 1174332",
"url": "https://bugzilla.suse.com/1174332"
},
{
"category": "self",
"summary": "SUSE Bug 1174333",
"url": "https://bugzilla.suse.com/1174333"
},
{
"category": "self",
"summary": "SUSE Bug 1174345",
"url": "https://bugzilla.suse.com/1174345"
},
{
"category": "self",
"summary": "SUSE Bug 1174356",
"url": "https://bugzilla.suse.com/1174356"
},
{
"category": "self",
"summary": "SUSE Bug 1174358",
"url": "https://bugzilla.suse.com/1174358"
},
{
"category": "self",
"summary": "SUSE Bug 1174362",
"url": "https://bugzilla.suse.com/1174362"
},
{
"category": "self",
"summary": "SUSE Bug 1174387",
"url": "https://bugzilla.suse.com/1174387"
},
{
"category": "self",
"summary": "SUSE Bug 1174396",
"url": "https://bugzilla.suse.com/1174396"
},
{
"category": "self",
"summary": "SUSE Bug 1174398",
"url": "https://bugzilla.suse.com/1174398"
},
{
"category": "self",
"summary": "SUSE Bug 1174407",
"url": "https://bugzilla.suse.com/1174407"
},
{
"category": "self",
"summary": "SUSE Bug 1174409",
"url": "https://bugzilla.suse.com/1174409"
},
{
"category": "self",
"summary": "SUSE Bug 1174411",
"url": "https://bugzilla.suse.com/1174411"
},
{
"category": "self",
"summary": "SUSE Bug 1174438",
"url": "https://bugzilla.suse.com/1174438"
},
{
"category": "self",
"summary": "SUSE Bug 1174462",
"url": "https://bugzilla.suse.com/1174462"
},
{
"category": "self",
"summary": "SUSE Bug 1174484",
"url": "https://bugzilla.suse.com/1174484"
},
{
"category": "self",
"summary": "SUSE Bug 1174486",
"url": "https://bugzilla.suse.com/1174486"
},
{
"category": "self",
"summary": "SUSE Bug 1174513",
"url": "https://bugzilla.suse.com/1174513"
},
{
"category": "self",
"summary": "SUSE Bug 1174527",
"url": "https://bugzilla.suse.com/1174527"
},
{
"category": "self",
"summary": "SUSE Bug 1174625",
"url": "https://bugzilla.suse.com/1174625"
},
{
"category": "self",
"summary": "SUSE Bug 1174627",
"url": "https://bugzilla.suse.com/1174627"
},
{
"category": "self",
"summary": "SUSE Bug 1174645",
"url": "https://bugzilla.suse.com/1174645"
},
{
"category": "self",
"summary": "SUSE Bug 1174689",
"url": "https://bugzilla.suse.com/1174689"
},
{
"category": "self",
"summary": "SUSE Bug 1174699",
"url": "https://bugzilla.suse.com/1174699"
},
{
"category": "self",
"summary": "SUSE Bug 1174737",
"url": "https://bugzilla.suse.com/1174737"
},
{
"category": "self",
"summary": "SUSE Bug 1174748",
"url": "https://bugzilla.suse.com/1174748"
},
{
"category": "self",
"summary": "SUSE Bug 1174757",
"url": "https://bugzilla.suse.com/1174757"
},
{
"category": "self",
"summary": "SUSE Bug 1174762",
"url": "https://bugzilla.suse.com/1174762"
},
{
"category": "self",
"summary": "SUSE Bug 1174770",
"url": "https://bugzilla.suse.com/1174770"
},
{
"category": "self",
"summary": "SUSE Bug 1174771",
"url": "https://bugzilla.suse.com/1174771"
},
{
"category": "self",
"summary": "SUSE Bug 1174777",
"url": "https://bugzilla.suse.com/1174777"
},
{
"category": "self",
"summary": "SUSE Bug 1174805",
"url": "https://bugzilla.suse.com/1174805"
},
{
"category": "self",
"summary": "SUSE Bug 1174824",
"url": "https://bugzilla.suse.com/1174824"
},
{
"category": "self",
"summary": "SUSE Bug 1174825",
"url": "https://bugzilla.suse.com/1174825"
},
{
"category": "self",
"summary": "SUSE Bug 1174852",
"url": "https://bugzilla.suse.com/1174852"
},
{
"category": "self",
"summary": "SUSE Bug 1174865",
"url": "https://bugzilla.suse.com/1174865"
},
{
"category": "self",
"summary": "SUSE Bug 1174880",
"url": "https://bugzilla.suse.com/1174880"
},
{
"category": "self",
"summary": "SUSE Bug 1174897",
"url": "https://bugzilla.suse.com/1174897"
},
{
"category": "self",
"summary": "SUSE Bug 1174899",
"url": "https://bugzilla.suse.com/1174899"
},
{
"category": "self",
"summary": "SUSE Bug 1174906",
"url": "https://bugzilla.suse.com/1174906"
},
{
"category": "self",
"summary": "SUSE Bug 1174969",
"url": "https://bugzilla.suse.com/1174969"
},
{
"category": "self",
"summary": "SUSE Bug 1175009",
"url": "https://bugzilla.suse.com/1175009"
},
{
"category": "self",
"summary": "SUSE Bug 1175010",
"url": "https://bugzilla.suse.com/1175010"
},
{
"category": "self",
"summary": "SUSE Bug 1175011",
"url": "https://bugzilla.suse.com/1175011"
},
{
"category": "self",
"summary": "SUSE Bug 1175012",
"url": "https://bugzilla.suse.com/1175012"
},
{
"category": "self",
"summary": "SUSE Bug 1175013",
"url": "https://bugzilla.suse.com/1175013"
},
{
"category": "self",
"summary": "SUSE Bug 1175014",
"url": "https://bugzilla.suse.com/1175014"
},
{
"category": "self",
"summary": "SUSE Bug 1175015",
"url": "https://bugzilla.suse.com/1175015"
},
{
"category": "self",
"summary": "SUSE Bug 1175016",
"url": "https://bugzilla.suse.com/1175016"
},
{
"category": "self",
"summary": "SUSE Bug 1175017",
"url": "https://bugzilla.suse.com/1175017"
},
{
"category": "self",
"summary": "SUSE Bug 1175018",
"url": "https://bugzilla.suse.com/1175018"
},
{
"category": "self",
"summary": "SUSE Bug 1175019",
"url": "https://bugzilla.suse.com/1175019"
},
{
"category": "self",
"summary": "SUSE Bug 1175020",
"url": "https://bugzilla.suse.com/1175020"
},
{
"category": "self",
"summary": "SUSE Bug 1175021",
"url": "https://bugzilla.suse.com/1175021"
},
{
"category": "self",
"summary": "SUSE Bug 1175052",
"url": "https://bugzilla.suse.com/1175052"
},
{
"category": "self",
"summary": "SUSE Bug 1175079",
"url": "https://bugzilla.suse.com/1175079"
},
{
"category": "self",
"summary": "SUSE Bug 1175112",
"url": "https://bugzilla.suse.com/1175112"
},
{
"category": "self",
"summary": "SUSE Bug 1175116",
"url": "https://bugzilla.suse.com/1175116"
},
{
"category": "self",
"summary": "SUSE Bug 1175128",
"url": "https://bugzilla.suse.com/1175128"
},
{
"category": "self",
"summary": "SUSE Bug 1175149",
"url": "https://bugzilla.suse.com/1175149"
},
{
"category": "self",
"summary": "SUSE Bug 1175175",
"url": "https://bugzilla.suse.com/1175175"
},
{
"category": "self",
"summary": "SUSE Bug 1175176",
"url": "https://bugzilla.suse.com/1175176"
},
{
"category": "self",
"summary": "SUSE Bug 1175180",
"url": "https://bugzilla.suse.com/1175180"
},
{
"category": "self",
"summary": "SUSE Bug 1175181",
"url": "https://bugzilla.suse.com/1175181"
},
{
"category": "self",
"summary": "SUSE Bug 1175182",
"url": "https://bugzilla.suse.com/1175182"
},
{
"category": "self",
"summary": "SUSE Bug 1175183",
"url": "https://bugzilla.suse.com/1175183"
},
{
"category": "self",
"summary": "SUSE Bug 1175184",
"url": "https://bugzilla.suse.com/1175184"
},
{
"category": "self",
"summary": "SUSE Bug 1175185",
"url": "https://bugzilla.suse.com/1175185"
},
{
"category": "self",
"summary": "SUSE Bug 1175186",
"url": "https://bugzilla.suse.com/1175186"
},
{
"category": "self",
"summary": "SUSE Bug 1175187",
"url": "https://bugzilla.suse.com/1175187"
},
{
"category": "self",
"summary": "SUSE Bug 1175188",
"url": "https://bugzilla.suse.com/1175188"
},
{
"category": "self",
"summary": "SUSE Bug 1175189",
"url": "https://bugzilla.suse.com/1175189"
},
{
"category": "self",
"summary": "SUSE Bug 1175190",
"url": "https://bugzilla.suse.com/1175190"
},
{
"category": "self",
"summary": "SUSE Bug 1175191",
"url": "https://bugzilla.suse.com/1175191"
},
{
"category": "self",
"summary": "SUSE Bug 1175192",
"url": "https://bugzilla.suse.com/1175192"
},
{
"category": "self",
"summary": "SUSE Bug 1175195",
"url": "https://bugzilla.suse.com/1175195"
},
{
"category": "self",
"summary": "SUSE Bug 1175199",
"url": "https://bugzilla.suse.com/1175199"
},
{
"category": "self",
"summary": "SUSE Bug 1175213",
"url": "https://bugzilla.suse.com/1175213"
},
{
"category": "self",
"summary": "SUSE Bug 1175232",
"url": "https://bugzilla.suse.com/1175232"
},
{
"category": "self",
"summary": "SUSE Bug 1175263",
"url": "https://bugzilla.suse.com/1175263"
},
{
"category": "self",
"summary": "SUSE Bug 1175284",
"url": "https://bugzilla.suse.com/1175284"
},
{
"category": "self",
"summary": "SUSE Bug 1175296",
"url": "https://bugzilla.suse.com/1175296"
},
{
"category": "self",
"summary": "SUSE Bug 1175306",
"url": "https://bugzilla.suse.com/1175306"
},
{
"category": "self",
"summary": "SUSE Bug 1175344",
"url": "https://bugzilla.suse.com/1175344"
},
{
"category": "self",
"summary": "SUSE Bug 1175345",
"url": "https://bugzilla.suse.com/1175345"
},
{
"category": "self",
"summary": "SUSE Bug 1175346",
"url": "https://bugzilla.suse.com/1175346"
},
{
"category": "self",
"summary": "SUSE Bug 1175347",
"url": "https://bugzilla.suse.com/1175347"
},
{
"category": "self",
"summary": "SUSE Bug 1175367",
"url": "https://bugzilla.suse.com/1175367"
},
{
"category": "self",
"summary": "SUSE Bug 1175377",
"url": "https://bugzilla.suse.com/1175377"
},
{
"category": "self",
"summary": "SUSE Bug 1175440",
"url": "https://bugzilla.suse.com/1175440"
},
{
"category": "self",
"summary": "SUSE Bug 1175480",
"url": "https://bugzilla.suse.com/1175480"
},
{
"category": "self",
"summary": "SUSE Bug 1175493",
"url": "https://bugzilla.suse.com/1175493"
},
{
"category": "self",
"summary": "SUSE Bug 1175546",
"url": "https://bugzilla.suse.com/1175546"
},
{
"category": "self",
"summary": "SUSE Bug 1175550",
"url": "https://bugzilla.suse.com/1175550"
},
{
"category": "self",
"summary": "SUSE Bug 1175599",
"url": "https://bugzilla.suse.com/1175599"
},
{
"category": "self",
"summary": "SUSE Bug 1175621",
"url": "https://bugzilla.suse.com/1175621"
},
{
"category": "self",
"summary": "SUSE Bug 1175654",
"url": "https://bugzilla.suse.com/1175654"
},
{
"category": "self",
"summary": "SUSE Bug 1175667",
"url": "https://bugzilla.suse.com/1175667"
},
{
"category": "self",
"summary": "SUSE Bug 1175691",
"url": "https://bugzilla.suse.com/1175691"
},
{
"category": "self",
"summary": "SUSE Bug 1175718",
"url": "https://bugzilla.suse.com/1175718"
},
{
"category": "self",
"summary": "SUSE Bug 1175721",
"url": "https://bugzilla.suse.com/1175721"
},
{
"category": "self",
"summary": "SUSE Bug 1175749",
"url": "https://bugzilla.suse.com/1175749"
},
{
"category": "self",
"summary": "SUSE Bug 1175768",
"url": "https://bugzilla.suse.com/1175768"
},
{
"category": "self",
"summary": "SUSE Bug 1175769",
"url": "https://bugzilla.suse.com/1175769"
},
{
"category": "self",
"summary": "SUSE Bug 1175770",
"url": "https://bugzilla.suse.com/1175770"
},
{
"category": "self",
"summary": "SUSE Bug 1175771",
"url": "https://bugzilla.suse.com/1175771"
},
{
"category": "self",
"summary": "SUSE Bug 1175772",
"url": "https://bugzilla.suse.com/1175772"
},
{
"category": "self",
"summary": "SUSE Bug 1175774",
"url": "https://bugzilla.suse.com/1175774"
},
{
"category": "self",
"summary": "SUSE Bug 1175775",
"url": "https://bugzilla.suse.com/1175775"
},
{
"category": "self",
"summary": "SUSE Bug 1175787",
"url": "https://bugzilla.suse.com/1175787"
},
{
"category": "self",
"summary": "SUSE Bug 1175807",
"url": "https://bugzilla.suse.com/1175807"
},
{
"category": "self",
"summary": "SUSE Bug 1175834",
"url": "https://bugzilla.suse.com/1175834"
},
{
"category": "self",
"summary": "SUSE Bug 1175873",
"url": "https://bugzilla.suse.com/1175873"
},
{
"category": "self",
"summary": "SUSE Bug 1175882",
"url": "https://bugzilla.suse.com/1175882"
},
{
"category": "self",
"summary": "SUSE Bug 1175898",
"url": "https://bugzilla.suse.com/1175898"
},
{
"category": "self",
"summary": "SUSE Bug 1175918",
"url": "https://bugzilla.suse.com/1175918"
},
{
"category": "self",
"summary": "SUSE Bug 1175952",
"url": "https://bugzilla.suse.com/1175952"
},
{
"category": "self",
"summary": "SUSE Bug 1175995",
"url": "https://bugzilla.suse.com/1175995"
},
{
"category": "self",
"summary": "SUSE Bug 1175996",
"url": "https://bugzilla.suse.com/1175996"
},
{
"category": "self",
"summary": "SUSE Bug 1175997",
"url": "https://bugzilla.suse.com/1175997"
},
{
"category": "self",
"summary": "SUSE Bug 1175998",
"url": "https://bugzilla.suse.com/1175998"
},
{
"category": "self",
"summary": "SUSE Bug 1175999",
"url": "https://bugzilla.suse.com/1175999"
},
{
"category": "self",
"summary": "SUSE Bug 1176000",
"url": "https://bugzilla.suse.com/1176000"
},
{
"category": "self",
"summary": "SUSE Bug 1176001",
"url": "https://bugzilla.suse.com/1176001"
},
{
"category": "self",
"summary": "SUSE Bug 1176019",
"url": "https://bugzilla.suse.com/1176019"
},
{
"category": "self",
"summary": "SUSE Bug 1176022",
"url": "https://bugzilla.suse.com/1176022"
},
{
"category": "self",
"summary": "SUSE Bug 1176038",
"url": "https://bugzilla.suse.com/1176038"
},
{
"category": "self",
"summary": "SUSE Bug 1176063",
"url": "https://bugzilla.suse.com/1176063"
},
{
"category": "self",
"summary": "SUSE Bug 1176069",
"url": "https://bugzilla.suse.com/1176069"
},
{
"category": "self",
"summary": "SUSE Bug 1176109",
"url": "https://bugzilla.suse.com/1176109"
},
{
"category": "self",
"summary": "SUSE Bug 1176137",
"url": "https://bugzilla.suse.com/1176137"
},
{
"category": "self",
"summary": "SUSE Bug 1176180",
"url": "https://bugzilla.suse.com/1176180"
},
{
"category": "self",
"summary": "SUSE Bug 1176200",
"url": "https://bugzilla.suse.com/1176200"
},
{
"category": "self",
"summary": "SUSE Bug 1176235",
"url": "https://bugzilla.suse.com/1176235"
},
{
"category": "self",
"summary": "SUSE Bug 1176236",
"url": "https://bugzilla.suse.com/1176236"
},
{
"category": "self",
"summary": "SUSE Bug 1176237",
"url": "https://bugzilla.suse.com/1176237"
},
{
"category": "self",
"summary": "SUSE Bug 1176242",
"url": "https://bugzilla.suse.com/1176242"
},
{
"category": "self",
"summary": "SUSE Bug 1176354",
"url": "https://bugzilla.suse.com/1176354"
},
{
"category": "self",
"summary": "SUSE Bug 1176357",
"url": "https://bugzilla.suse.com/1176357"
},
{
"category": "self",
"summary": "SUSE Bug 1176358",
"url": "https://bugzilla.suse.com/1176358"
},
{
"category": "self",
"summary": "SUSE Bug 1176359",
"url": "https://bugzilla.suse.com/1176359"
},
{
"category": "self",
"summary": "SUSE Bug 1176360",
"url": "https://bugzilla.suse.com/1176360"
},
{
"category": "self",
"summary": "SUSE Bug 1176361",
"url": "https://bugzilla.suse.com/1176361"
},
{
"category": "self",
"summary": "SUSE Bug 1176362",
"url": "https://bugzilla.suse.com/1176362"
},
{
"category": "self",
"summary": "SUSE Bug 1176363",
"url": "https://bugzilla.suse.com/1176363"
},
{
"category": "self",
"summary": "SUSE Bug 1176364",
"url": "https://bugzilla.suse.com/1176364"
},
{
"category": "self",
"summary": "SUSE Bug 1176365",
"url": "https://bugzilla.suse.com/1176365"
},
{
"category": "self",
"summary": "SUSE Bug 1176366",
"url": "https://bugzilla.suse.com/1176366"
},
{
"category": "self",
"summary": "SUSE Bug 1176367",
"url": "https://bugzilla.suse.com/1176367"
},
{
"category": "self",
"summary": "SUSE Bug 1176381",
"url": "https://bugzilla.suse.com/1176381"
},
{
"category": "self",
"summary": "SUSE Bug 1176396",
"url": "https://bugzilla.suse.com/1176396"
},
{
"category": "self",
"summary": "SUSE Bug 1176400",
"url": "https://bugzilla.suse.com/1176400"
},
{
"category": "self",
"summary": "SUSE Bug 1176423",
"url": "https://bugzilla.suse.com/1176423"
},
{
"category": "self",
"summary": "SUSE Bug 1176449",
"url": "https://bugzilla.suse.com/1176449"
},
{
"category": "self",
"summary": "SUSE Bug 1176481",
"url": "https://bugzilla.suse.com/1176481"
},
{
"category": "self",
"summary": "SUSE Bug 1176485",
"url": "https://bugzilla.suse.com/1176485"
},
{
"category": "self",
"summary": "SUSE Bug 1176486",
"url": "https://bugzilla.suse.com/1176486"
},
{
"category": "self",
"summary": "SUSE Bug 1176507",
"url": "https://bugzilla.suse.com/1176507"
},
{
"category": "self",
"summary": "SUSE Bug 1176536",
"url": "https://bugzilla.suse.com/1176536"
},
{
"category": "self",
"summary": "SUSE Bug 1176537",
"url": "https://bugzilla.suse.com/1176537"
},
{
"category": "self",
"summary": "SUSE Bug 1176538",
"url": "https://bugzilla.suse.com/1176538"
},
{
"category": "self",
"summary": "SUSE Bug 1176539",
"url": "https://bugzilla.suse.com/1176539"
},
{
"category": "self",
"summary": "SUSE Bug 1176540",
"url": "https://bugzilla.suse.com/1176540"
},
{
"category": "self",
"summary": "SUSE Bug 1176541",
"url": "https://bugzilla.suse.com/1176541"
},
{
"category": "self",
"summary": "SUSE Bug 1176542",
"url": "https://bugzilla.suse.com/1176542"
},
{
"category": "self",
"summary": "SUSE Bug 1176543",
"url": "https://bugzilla.suse.com/1176543"
},
{
"category": "self",
"summary": "SUSE Bug 1176544",
"url": "https://bugzilla.suse.com/1176544"
},
{
"category": "self",
"summary": "SUSE Bug 1176545",
"url": "https://bugzilla.suse.com/1176545"
},
{
"category": "self",
"summary": "SUSE Bug 1176546",
"url": "https://bugzilla.suse.com/1176546"
},
{
"category": "self",
"summary": "SUSE Bug 1176548",
"url": "https://bugzilla.suse.com/1176548"
},
{
"category": "self",
"summary": "SUSE Bug 1176558",
"url": "https://bugzilla.suse.com/1176558"
},
{
"category": "self",
"summary": "SUSE Bug 1176559",
"url": "https://bugzilla.suse.com/1176559"
},
{
"category": "self",
"summary": "SUSE Bug 1176564",
"url": "https://bugzilla.suse.com/1176564"
},
{
"category": "self",
"summary": "SUSE Bug 1176586",
"url": "https://bugzilla.suse.com/1176586"
},
{
"category": "self",
"summary": "SUSE Bug 1176587",
"url": "https://bugzilla.suse.com/1176587"
},
{
"category": "self",
"summary": "SUSE Bug 1176588",
"url": "https://bugzilla.suse.com/1176588"
},
{
"category": "self",
"summary": "SUSE Bug 1176659",
"url": "https://bugzilla.suse.com/1176659"
},
{
"category": "self",
"summary": "SUSE Bug 1176698",
"url": "https://bugzilla.suse.com/1176698"
},
{
"category": "self",
"summary": "SUSE Bug 1176699",
"url": "https://bugzilla.suse.com/1176699"
},
{
"category": "self",
"summary": "SUSE Bug 1176700",
"url": "https://bugzilla.suse.com/1176700"
},
{
"category": "self",
"summary": "SUSE Bug 1176713",
"url": "https://bugzilla.suse.com/1176713"
},
{
"category": "self",
"summary": "SUSE Bug 1176721",
"url": "https://bugzilla.suse.com/1176721"
},
{
"category": "self",
"summary": "SUSE Bug 1176722",
"url": "https://bugzilla.suse.com/1176722"
},
{
"category": "self",
"summary": "SUSE Bug 1176725",
"url": "https://bugzilla.suse.com/1176725"
},
{
"category": "self",
"summary": "SUSE Bug 1176732",
"url": "https://bugzilla.suse.com/1176732"
},
{
"category": "self",
"summary": "SUSE Bug 1176763",
"url": "https://bugzilla.suse.com/1176763"
},
{
"category": "self",
"summary": "SUSE Bug 1176775",
"url": "https://bugzilla.suse.com/1176775"
},
{
"category": "self",
"summary": "SUSE Bug 1176788",
"url": "https://bugzilla.suse.com/1176788"
},
{
"category": "self",
"summary": "SUSE Bug 1176789",
"url": "https://bugzilla.suse.com/1176789"
},
{
"category": "self",
"summary": "SUSE Bug 1176833",
"url": "https://bugzilla.suse.com/1176833"
},
{
"category": "self",
"summary": "SUSE Bug 1176855",
"url": "https://bugzilla.suse.com/1176855"
},
{
"category": "self",
"summary": "SUSE Bug 1176869",
"url": "https://bugzilla.suse.com/1176869"
},
{
"category": "self",
"summary": "SUSE Bug 1176877",
"url": "https://bugzilla.suse.com/1176877"
},
{
"category": "self",
"summary": "SUSE Bug 1176907",
"url": "https://bugzilla.suse.com/1176907"
},
{
"category": "self",
"summary": "SUSE Bug 1176925",
"url": "https://bugzilla.suse.com/1176925"
},
{
"category": "self",
"summary": "SUSE Bug 1176942",
"url": "https://bugzilla.suse.com/1176942"
},
{
"category": "self",
"summary": "SUSE Bug 1176956",
"url": "https://bugzilla.suse.com/1176956"
},
{
"category": "self",
"summary": "SUSE Bug 1176962",
"url": "https://bugzilla.suse.com/1176962"
},
{
"category": "self",
"summary": "SUSE Bug 1176979",
"url": "https://bugzilla.suse.com/1176979"
},
{
"category": "self",
"summary": "SUSE Bug 1176980",
"url": "https://bugzilla.suse.com/1176980"
},
{
"category": "self",
"summary": "SUSE Bug 1176983",
"url": "https://bugzilla.suse.com/1176983"
},
{
"category": "self",
"summary": "SUSE Bug 1176990",
"url": "https://bugzilla.suse.com/1176990"
},
{
"category": "self",
"summary": "SUSE Bug 1177021",
"url": "https://bugzilla.suse.com/1177021"
},
{
"category": "self",
"summary": "SUSE Bug 1177030",
"url": "https://bugzilla.suse.com/1177030"
},
{
"category": "self",
"summary": "SUSE Bug 1177066",
"url": "https://bugzilla.suse.com/1177066"
},
{
"category": "self",
"summary": "SUSE Bug 1177070",
"url": "https://bugzilla.suse.com/1177070"
},
{
"category": "self",
"summary": "SUSE Bug 1177086",
"url": "https://bugzilla.suse.com/1177086"
},
{
"category": "self",
"summary": "SUSE Bug 1177090",
"url": "https://bugzilla.suse.com/1177090"
},
{
"category": "self",
"summary": "SUSE Bug 1177109",
"url": "https://bugzilla.suse.com/1177109"
},
{
"category": "self",
"summary": "SUSE Bug 1177121",
"url": "https://bugzilla.suse.com/1177121"
},
{
"category": "self",
"summary": "SUSE Bug 1177193",
"url": "https://bugzilla.suse.com/1177193"
},
{
"category": "self",
"summary": "SUSE Bug 1177194",
"url": "https://bugzilla.suse.com/1177194"
},
{
"category": "self",
"summary": "SUSE Bug 1177206",
"url": "https://bugzilla.suse.com/1177206"
},
{
"category": "self",
"summary": "SUSE Bug 1177258",
"url": "https://bugzilla.suse.com/1177258"
},
{
"category": "self",
"summary": "SUSE Bug 1177271",
"url": "https://bugzilla.suse.com/1177271"
},
{
"category": "self",
"summary": "SUSE Bug 1177281",
"url": "https://bugzilla.suse.com/1177281"
},
{
"category": "self",
"summary": "SUSE Bug 1177283",
"url": "https://bugzilla.suse.com/1177283"
},
{
"category": "self",
"summary": "SUSE Bug 1177284",
"url": "https://bugzilla.suse.com/1177284"
},
{
"category": "self",
"summary": "SUSE Bug 1177285",
"url": "https://bugzilla.suse.com/1177285"
},
{
"category": "self",
"summary": "SUSE Bug 1177286",
"url": "https://bugzilla.suse.com/1177286"
},
{
"category": "self",
"summary": "SUSE Bug 1177297",
"url": "https://bugzilla.suse.com/1177297"
},
{
"category": "self",
"summary": "SUSE Bug 1177326",
"url": "https://bugzilla.suse.com/1177326"
},
{
"category": "self",
"summary": "SUSE Bug 1177353",
"url": "https://bugzilla.suse.com/1177353"
},
{
"category": "self",
"summary": "SUSE Bug 1177384",
"url": "https://bugzilla.suse.com/1177384"
},
{
"category": "self",
"summary": "SUSE Bug 1177397",
"url": "https://bugzilla.suse.com/1177397"
},
{
"category": "self",
"summary": "SUSE Bug 1177410",
"url": "https://bugzilla.suse.com/1177410"
},
{
"category": "self",
"summary": "SUSE Bug 1177411",
"url": "https://bugzilla.suse.com/1177411"
},
{
"category": "self",
"summary": "SUSE Bug 1177470",
"url": "https://bugzilla.suse.com/1177470"
},
{
"category": "self",
"summary": "SUSE Bug 1177500",
"url": "https://bugzilla.suse.com/1177500"
},
{
"category": "self",
"summary": "SUSE Bug 1177511",
"url": "https://bugzilla.suse.com/1177511"
},
{
"category": "self",
"summary": "SUSE Bug 1177617",
"url": "https://bugzilla.suse.com/1177617"
},
{
"category": "self",
"summary": "SUSE Bug 1177666",
"url": "https://bugzilla.suse.com/1177666"
},
{
"category": "self",
"summary": "SUSE Bug 1177679",
"url": "https://bugzilla.suse.com/1177679"
},
{
"category": "self",
"summary": "SUSE Bug 1177681",
"url": "https://bugzilla.suse.com/1177681"
},
{
"category": "self",
"summary": "SUSE Bug 1177683",
"url": "https://bugzilla.suse.com/1177683"
},
{
"category": "self",
"summary": "SUSE Bug 1177687",
"url": "https://bugzilla.suse.com/1177687"
},
{
"category": "self",
"summary": "SUSE Bug 1177694",
"url": "https://bugzilla.suse.com/1177694"
},
{
"category": "self",
"summary": "SUSE Bug 1177697",
"url": "https://bugzilla.suse.com/1177697"
},
{
"category": "self",
"summary": "SUSE Bug 1177698",
"url": "https://bugzilla.suse.com/1177698"
},
{
"category": "self",
"summary": "SUSE Bug 1177703",
"url": "https://bugzilla.suse.com/1177703"
},
{
"category": "self",
"summary": "SUSE Bug 1177719",
"url": "https://bugzilla.suse.com/1177719"
},
{
"category": "self",
"summary": "SUSE Bug 1177724",
"url": "https://bugzilla.suse.com/1177724"
},
{
"category": "self",
"summary": "SUSE Bug 1177725",
"url": "https://bugzilla.suse.com/1177725"
},
{
"category": "self",
"summary": "SUSE Bug 1177726",
"url": "https://bugzilla.suse.com/1177726"
},
{
"category": "self",
"summary": "SUSE Bug 1177733",
"url": "https://bugzilla.suse.com/1177733"
},
{
"category": "self",
"summary": "SUSE Bug 1177739",
"url": "https://bugzilla.suse.com/1177739"
},
{
"category": "self",
"summary": "SUSE Bug 1177749",
"url": "https://bugzilla.suse.com/1177749"
},
{
"category": "self",
"summary": "SUSE Bug 1177750",
"url": "https://bugzilla.suse.com/1177750"
},
{
"category": "self",
"summary": "SUSE Bug 1177754",
"url": "https://bugzilla.suse.com/1177754"
},
{
"category": "self",
"summary": "SUSE Bug 1177755",
"url": "https://bugzilla.suse.com/1177755"
},
{
"category": "self",
"summary": "SUSE Bug 1177765",
"url": "https://bugzilla.suse.com/1177765"
},
{
"category": "self",
"summary": "SUSE Bug 1177766",
"url": "https://bugzilla.suse.com/1177766"
},
{
"category": "self",
"summary": "SUSE Bug 1177799",
"url": "https://bugzilla.suse.com/1177799"
},
{
"category": "self",
"summary": "SUSE Bug 1177801",
"url": "https://bugzilla.suse.com/1177801"
},
{
"category": "self",
"summary": "SUSE Bug 1177814",
"url": "https://bugzilla.suse.com/1177814"
},
{
"category": "self",
"summary": "SUSE Bug 1177817",
"url": "https://bugzilla.suse.com/1177817"
},
{
"category": "self",
"summary": "SUSE Bug 1177820",
"url": "https://bugzilla.suse.com/1177820"
},
{
"category": "self",
"summary": "SUSE Bug 1177854",
"url": "https://bugzilla.suse.com/1177854"
},
{
"category": "self",
"summary": "SUSE Bug 1177855",
"url": "https://bugzilla.suse.com/1177855"
},
{
"category": "self",
"summary": "SUSE Bug 1177856",
"url": "https://bugzilla.suse.com/1177856"
},
{
"category": "self",
"summary": "SUSE Bug 1177861",
"url": "https://bugzilla.suse.com/1177861"
},
{
"category": "self",
"summary": "SUSE Bug 1178002",
"url": "https://bugzilla.suse.com/1178002"
},
{
"category": "self",
"summary": "SUSE Bug 1178049",
"url": "https://bugzilla.suse.com/1178049"
},
{
"category": "self",
"summary": "SUSE Bug 1178079",
"url": "https://bugzilla.suse.com/1178079"
},
{
"category": "self",
"summary": "SUSE Bug 1178123",
"url": "https://bugzilla.suse.com/1178123"
},
{
"category": "self",
"summary": "SUSE Bug 1178166",
"url": "https://bugzilla.suse.com/1178166"
},
{
"category": "self",
"summary": "SUSE Bug 1178173",
"url": "https://bugzilla.suse.com/1178173"
},
{
"category": "self",
"summary": "SUSE Bug 1178175",
"url": "https://bugzilla.suse.com/1178175"
},
{
"category": "self",
"summary": "SUSE Bug 1178176",
"url": "https://bugzilla.suse.com/1178176"
},
{
"category": "self",
"summary": "SUSE Bug 1178177",
"url": "https://bugzilla.suse.com/1178177"
},
{
"category": "self",
"summary": "SUSE Bug 1178182",
"url": "https://bugzilla.suse.com/1178182"
},
{
"category": "self",
"summary": "SUSE Bug 1178183",
"url": "https://bugzilla.suse.com/1178183"
},
{
"category": "self",
"summary": "SUSE Bug 1178184",
"url": "https://bugzilla.suse.com/1178184"
},
{
"category": "self",
"summary": "SUSE Bug 1178185",
"url": "https://bugzilla.suse.com/1178185"
},
{
"category": "self",
"summary": "SUSE Bug 1178186",
"url": "https://bugzilla.suse.com/1178186"
},
{
"category": "self",
"summary": "SUSE Bug 1178190",
"url": "https://bugzilla.suse.com/1178190"
},
{
"category": "self",
"summary": "SUSE Bug 1178191",
"url": "https://bugzilla.suse.com/1178191"
},
{
"category": "self",
"summary": "SUSE Bug 1178203",
"url": "https://bugzilla.suse.com/1178203"
},
{
"category": "self",
"summary": "SUSE Bug 1178227",
"url": "https://bugzilla.suse.com/1178227"
},
{
"category": "self",
"summary": "SUSE Bug 1178246",
"url": "https://bugzilla.suse.com/1178246"
},
{
"category": "self",
"summary": "SUSE Bug 1178255",
"url": "https://bugzilla.suse.com/1178255"
},
{
"category": "self",
"summary": "SUSE Bug 1178270",
"url": "https://bugzilla.suse.com/1178270"
},
{
"category": "self",
"summary": "SUSE Bug 1178286",
"url": "https://bugzilla.suse.com/1178286"
},
{
"category": "self",
"summary": "SUSE Bug 1178307",
"url": "https://bugzilla.suse.com/1178307"
},
{
"category": "self",
"summary": "SUSE Bug 1178330",
"url": "https://bugzilla.suse.com/1178330"
},
{
"category": "self",
"summary": "SUSE Bug 1178393",
"url": "https://bugzilla.suse.com/1178393"
},
{
"category": "self",
"summary": "SUSE Bug 1178395",
"url": "https://bugzilla.suse.com/1178395"
},
{
"category": "self",
"summary": "SUSE Bug 1178401",
"url": "https://bugzilla.suse.com/1178401"
},
{
"category": "self",
"summary": "SUSE Bug 1178426",
"url": "https://bugzilla.suse.com/1178426"
},
{
"category": "self",
"summary": "SUSE Bug 1178461",
"url": "https://bugzilla.suse.com/1178461"
},
{
"category": "self",
"summary": "SUSE Bug 1178579",
"url": "https://bugzilla.suse.com/1178579"
},
{
"category": "self",
"summary": "SUSE Bug 1178581",
"url": "https://bugzilla.suse.com/1178581"
},
{
"category": "self",
"summary": "SUSE Bug 1178584",
"url": "https://bugzilla.suse.com/1178584"
},
{
"category": "self",
"summary": "SUSE Bug 1178585",
"url": "https://bugzilla.suse.com/1178585"
},
{
"category": "self",
"summary": "SUSE Bug 1178589",
"url": "https://bugzilla.suse.com/1178589"
},
{
"category": "self",
"summary": "SUSE Bug 1178590",
"url": "https://bugzilla.suse.com/1178590"
},
{
"category": "self",
"summary": "SUSE Bug 1178612",
"url": "https://bugzilla.suse.com/1178612"
},
{
"category": "self",
"summary": "SUSE Bug 1178634",
"url": "https://bugzilla.suse.com/1178634"
},
{
"category": "self",
"summary": "SUSE Bug 1178635",
"url": "https://bugzilla.suse.com/1178635"
},
{
"category": "self",
"summary": "SUSE Bug 1178653",
"url": "https://bugzilla.suse.com/1178653"
},
{
"category": "self",
"summary": "SUSE Bug 1178659",
"url": "https://bugzilla.suse.com/1178659"
},
{
"category": "self",
"summary": "SUSE Bug 1178660",
"url": "https://bugzilla.suse.com/1178660"
},
{
"category": "self",
"summary": "SUSE Bug 1178661",
"url": "https://bugzilla.suse.com/1178661"
},
{
"category": "self",
"summary": "SUSE Bug 1178669",
"url": "https://bugzilla.suse.com/1178669"
},
{
"category": "self",
"summary": "SUSE Bug 1178686",
"url": "https://bugzilla.suse.com/1178686"
},
{
"category": "self",
"summary": "SUSE Bug 1178740",
"url": "https://bugzilla.suse.com/1178740"
},
{
"category": "self",
"summary": "SUSE Bug 1178755",
"url": "https://bugzilla.suse.com/1178755"
},
{
"category": "self",
"summary": "SUSE Bug 1178756",
"url": "https://bugzilla.suse.com/1178756"
},
{
"category": "self",
"summary": "SUSE Bug 1178762",
"url": "https://bugzilla.suse.com/1178762"
},
{
"category": "self",
"summary": "SUSE Bug 1178780",
"url": "https://bugzilla.suse.com/1178780"
},
{
"category": "self",
"summary": "SUSE Bug 1178838",
"url": "https://bugzilla.suse.com/1178838"
},
{
"category": "self",
"summary": "SUSE Bug 1178853",
"url": "https://bugzilla.suse.com/1178853"
},
{
"category": "self",
"summary": "SUSE Bug 1178886",
"url": "https://bugzilla.suse.com/1178886"
},
{
"category": "self",
"summary": "SUSE Bug 1179001",
"url": "https://bugzilla.suse.com/1179001"
},
{
"category": "self",
"summary": "SUSE Bug 1179012",
"url": "https://bugzilla.suse.com/1179012"
},
{
"category": "self",
"summary": "SUSE Bug 1179014",
"url": "https://bugzilla.suse.com/1179014"
},
{
"category": "self",
"summary": "SUSE Bug 1179015",
"url": "https://bugzilla.suse.com/1179015"
},
{
"category": "self",
"summary": "SUSE Bug 1179045",
"url": "https://bugzilla.suse.com/1179045"
},
{
"category": "self",
"summary": "SUSE Bug 1179076",
"url": "https://bugzilla.suse.com/1179076"
},
{
"category": "self",
"summary": "SUSE Bug 1179082",
"url": "https://bugzilla.suse.com/1179082"
},
{
"category": "self",
"summary": "SUSE Bug 1179107",
"url": "https://bugzilla.suse.com/1179107"
},
{
"category": "self",
"summary": "SUSE Bug 1179140",
"url": "https://bugzilla.suse.com/1179140"
},
{
"category": "self",
"summary": "SUSE Bug 1179141",
"url": "https://bugzilla.suse.com/1179141"
},
{
"category": "self",
"summary": "SUSE Bug 1179160",
"url": "https://bugzilla.suse.com/1179160"
},
{
"category": "self",
"summary": "SUSE Bug 1179201",
"url": "https://bugzilla.suse.com/1179201"
},
{
"category": "self",
"summary": "SUSE Bug 1179204",
"url": "https://bugzilla.suse.com/1179204"
},
{
"category": "self",
"summary": "SUSE Bug 1179211",
"url": "https://bugzilla.suse.com/1179211"
},
{
"category": "self",
"summary": "SUSE Bug 1179217",
"url": "https://bugzilla.suse.com/1179217"
},
{
"category": "self",
"summary": "SUSE Bug 1179419",
"url": "https://bugzilla.suse.com/1179419"
},
{
"category": "self",
"summary": "SUSE Bug 1179424",
"url": "https://bugzilla.suse.com/1179424"
},
{
"category": "self",
"summary": "SUSE Bug 1179425",
"url": "https://bugzilla.suse.com/1179425"
},
{
"category": "self",
"summary": "SUSE Bug 1179426",
"url": "https://bugzilla.suse.com/1179426"
},
{
"category": "self",
"summary": "SUSE Bug 1179427",
"url": "https://bugzilla.suse.com/1179427"
},
{
"category": "self",
"summary": "SUSE Bug 1179429",
"url": "https://bugzilla.suse.com/1179429"
},
{
"category": "self",
"summary": "SUSE Bug 1179432",
"url": "https://bugzilla.suse.com/1179432"
},
{
"category": "self",
"summary": "SUSE Bug 1179434",
"url": "https://bugzilla.suse.com/1179434"
},
{
"category": "self",
"summary": "SUSE Bug 1179435",
"url": "https://bugzilla.suse.com/1179435"
},
{
"category": "self",
"summary": "SUSE Bug 1179442",
"url": "https://bugzilla.suse.com/1179442"
},
{
"category": "self",
"summary": "SUSE Bug 1179519",
"url": "https://bugzilla.suse.com/1179519"
},
{
"category": "self",
"summary": "SUSE Bug 1179550",
"url": "https://bugzilla.suse.com/1179550"
},
{
"category": "self",
"summary": "SUSE Bug 1179575",
"url": "https://bugzilla.suse.com/1179575"
},
{
"category": "self",
"summary": "SUSE Bug 1179578",
"url": "https://bugzilla.suse.com/1179578"
},
{
"category": "self",
"summary": "SUSE Bug 1179601",
"url": "https://bugzilla.suse.com/1179601"
},
{
"category": "self",
"summary": "SUSE Bug 1179604",
"url": "https://bugzilla.suse.com/1179604"
},
{
"category": "self",
"summary": "SUSE Bug 1179639",
"url": "https://bugzilla.suse.com/1179639"
},
{
"category": "self",
"summary": "SUSE Bug 1179652",
"url": "https://bugzilla.suse.com/1179652"
},
{
"category": "self",
"summary": "SUSE Bug 1179656",
"url": "https://bugzilla.suse.com/1179656"
},
{
"category": "self",
"summary": "SUSE Bug 1179670",
"url": "https://bugzilla.suse.com/1179670"
},
{
"category": "self",
"summary": "SUSE Bug 1179671",
"url": "https://bugzilla.suse.com/1179671"
},
{
"category": "self",
"summary": "SUSE Bug 1179672",
"url": "https://bugzilla.suse.com/1179672"
},
{
"category": "self",
"summary": "SUSE Bug 1179673",
"url": "https://bugzilla.suse.com/1179673"
},
{
"category": "self",
"summary": "SUSE Bug 1179675",
"url": "https://bugzilla.suse.com/1179675"
},
{
"category": "self",
"summary": "SUSE Bug 1179676",
"url": "https://bugzilla.suse.com/1179676"
},
{
"category": "self",
"summary": "SUSE Bug 1179677",
"url": "https://bugzilla.suse.com/1179677"
},
{
"category": "self",
"summary": "SUSE Bug 1179678",
"url": "https://bugzilla.suse.com/1179678"
},
{
"category": "self",
"summary": "SUSE Bug 1179679",
"url": "https://bugzilla.suse.com/1179679"
},
{
"category": "self",
"summary": "SUSE Bug 1179680",
"url": "https://bugzilla.suse.com/1179680"
},
{
"category": "self",
"summary": "SUSE Bug 1179681",
"url": "https://bugzilla.suse.com/1179681"
},
{
"category": "self",
"summary": "SUSE Bug 1179682",
"url": "https://bugzilla.suse.com/1179682"
},
{
"category": "self",
"summary": "SUSE Bug 1179683",
"url": "https://bugzilla.suse.com/1179683"
},
{
"category": "self",
"summary": "SUSE Bug 1179684",
"url": "https://bugzilla.suse.com/1179684"
},
{
"category": "self",
"summary": "SUSE Bug 1179685",
"url": "https://bugzilla.suse.com/1179685"
},
{
"category": "self",
"summary": "SUSE Bug 1179687",
"url": "https://bugzilla.suse.com/1179687"
},
{
"category": "self",
"summary": "SUSE Bug 1179688",
"url": "https://bugzilla.suse.com/1179688"
},
{
"category": "self",
"summary": "SUSE Bug 1179689",
"url": "https://bugzilla.suse.com/1179689"
},
{
"category": "self",
"summary": "SUSE Bug 1179690",
"url": "https://bugzilla.suse.com/1179690"
},
{
"category": "self",
"summary": "SUSE Bug 1179703",
"url": "https://bugzilla.suse.com/1179703"
},
{
"category": "self",
"summary": "SUSE Bug 1179704",
"url": "https://bugzilla.suse.com/1179704"
},
{
"category": "self",
"summary": "SUSE Bug 1179707",
"url": "https://bugzilla.suse.com/1179707"
},
{
"category": "self",
"summary": "SUSE Bug 1179709",
"url": "https://bugzilla.suse.com/1179709"
},
{
"category": "self",
"summary": "SUSE Bug 1179710",
"url": "https://bugzilla.suse.com/1179710"
},
{
"category": "self",
"summary": "SUSE Bug 1179711",
"url": "https://bugzilla.suse.com/1179711"
},
{
"category": "self",
"summary": "SUSE Bug 1179712",
"url": "https://bugzilla.suse.com/1179712"
},
{
"category": "self",
"summary": "SUSE Bug 1179713",
"url": "https://bugzilla.suse.com/1179713"
},
{
"category": "self",
"summary": "SUSE Bug 1179714",
"url": "https://bugzilla.suse.com/1179714"
},
{
"category": "self",
"summary": "SUSE Bug 1179715",
"url": "https://bugzilla.suse.com/1179715"
},
{
"category": "self",
"summary": "SUSE Bug 1179716",
"url": "https://bugzilla.suse.com/1179716"
},
{
"category": "self",
"summary": "SUSE Bug 1179745",
"url": "https://bugzilla.suse.com/1179745"
},
{
"category": "self",
"summary": "SUSE Bug 1179763",
"url": "https://bugzilla.suse.com/1179763"
},
{
"category": "self",
"summary": "SUSE Bug 1179887",
"url": "https://bugzilla.suse.com/1179887"
},
{
"category": "self",
"summary": "SUSE Bug 1179888",
"url": "https://bugzilla.suse.com/1179888"
},
{
"category": "self",
"summary": "SUSE Bug 1179892",
"url": "https://bugzilla.suse.com/1179892"
},
{
"category": "self",
"summary": "SUSE Bug 1179896",
"url": "https://bugzilla.suse.com/1179896"
},
{
"category": "self",
"summary": "SUSE Bug 1179960",
"url": "https://bugzilla.suse.com/1179960"
},
{
"category": "self",
"summary": "SUSE Bug 1179963",
"url": "https://bugzilla.suse.com/1179963"
},
{
"category": "self",
"summary": "SUSE Bug 1180027",
"url": "https://bugzilla.suse.com/1180027"
},
{
"category": "self",
"summary": "SUSE Bug 1180029",
"url": "https://bugzilla.suse.com/1180029"
},
{
"category": "self",
"summary": "SUSE Bug 1180031",
"url": "https://bugzilla.suse.com/1180031"
},
{
"category": "self",
"summary": "SUSE Bug 1180052",
"url": "https://bugzilla.suse.com/1180052"
},
{
"category": "self",
"summary": "SUSE Bug 1180056",
"url": "https://bugzilla.suse.com/1180056"
},
{
"category": "self",
"summary": "SUSE Bug 1180086",
"url": "https://bugzilla.suse.com/1180086"
},
{
"category": "self",
"summary": "SUSE Bug 1180117",
"url": "https://bugzilla.suse.com/1180117"
},
{
"category": "self",
"summary": "SUSE Bug 1180258",
"url": "https://bugzilla.suse.com/1180258"
},
{
"category": "self",
"summary": "SUSE Bug 1180261",
"url": "https://bugzilla.suse.com/1180261"
},
{
"category": "self",
"summary": "SUSE Bug 1180349",
"url": "https://bugzilla.suse.com/1180349"
},
{
"category": "self",
"summary": "SUSE Bug 1180506",
"url": "https://bugzilla.suse.com/1180506"
},
{
"category": "self",
"summary": "SUSE Bug 1180541",
"url": "https://bugzilla.suse.com/1180541"
},
{
"category": "self",
"summary": "SUSE Bug 1180559",
"url": "https://bugzilla.suse.com/1180559"
},
{
"category": "self",
"summary": "SUSE Bug 1180566",
"url": "https://bugzilla.suse.com/1180566"
},
{
"category": "self",
"summary": "SUSE Bug 173030",
"url": "https://bugzilla.suse.com/173030"
},
{
"category": "self",
"summary": "SUSE Bug 744692",
"url": "https://bugzilla.suse.com/744692"
},
{
"category": "self",
"summary": "SUSE Bug 789311",
"url": "https://bugzilla.suse.com/789311"
},
{
"category": "self",
"summary": "SUSE Bug 954532",
"url": "https://bugzilla.suse.com/954532"
},
{
"category": "self",
"summary": "SUSE Bug 995541",
"url": "https://bugzilla.suse.com/995541"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19462 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19462/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-20810 page",
"url": "https://www.suse.com/security/cve/CVE-2019-20810/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-20812 page",
"url": "https://www.suse.com/security/cve/CVE-2019-20812/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-0110 page",
"url": "https://www.suse.com/security/cve/CVE-2020-0110/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-0305 page",
"url": "https://www.suse.com/security/cve/CVE-2020-0305/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-0404 page",
"url": "https://www.suse.com/security/cve/CVE-2020-0404/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-0427 page",
"url": "https://www.suse.com/security/cve/CVE-2020-0427/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-0431 page",
"url": "https://www.suse.com/security/cve/CVE-2020-0431/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-0432 page",
"url": "https://www.suse.com/security/cve/CVE-2020-0432/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-0444 page",
"url": "https://www.suse.com/security/cve/CVE-2020-0444/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-0465 page",
"url": "https://www.suse.com/security/cve/CVE-2020-0465/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-0466 page",
"url": "https://www.suse.com/security/cve/CVE-2020-0466/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-0543 page",
"url": "https://www.suse.com/security/cve/CVE-2020-0543/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-10135 page",
"url": "https://www.suse.com/security/cve/CVE-2020-10135/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-10711 page",
"url": "https://www.suse.com/security/cve/CVE-2020-10711/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-10732 page",
"url": "https://www.suse.com/security/cve/CVE-2020-10732/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-10751 page",
"url": "https://www.suse.com/security/cve/CVE-2020-10751/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-10757 page",
"url": "https://www.suse.com/security/cve/CVE-2020-10757/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-10766 page",
"url": "https://www.suse.com/security/cve/CVE-2020-10766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-10767 page",
"url": "https://www.suse.com/security/cve/CVE-2020-10767/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-10768 page",
"url": "https://www.suse.com/security/cve/CVE-2020-10768/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-10773 page",
"url": "https://www.suse.com/security/cve/CVE-2020-10773/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-10781 page",
"url": "https://www.suse.com/security/cve/CVE-2020-10781/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-11668 page",
"url": "https://www.suse.com/security/cve/CVE-2020-11668/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-12351 page",
"url": "https://www.suse.com/security/cve/CVE-2020-12351/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-12352 page",
"url": "https://www.suse.com/security/cve/CVE-2020-12352/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-12652 page",
"url": "https://www.suse.com/security/cve/CVE-2020-12652/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-12656 page",
"url": "https://www.suse.com/security/cve/CVE-2020-12656/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-12769 page",
"url": "https://www.suse.com/security/cve/CVE-2020-12769/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-12771 page",
"url": "https://www.suse.com/security/cve/CVE-2020-12771/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-12888 page",
"url": "https://www.suse.com/security/cve/CVE-2020-12888/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-13143 page",
"url": "https://www.suse.com/security/cve/CVE-2020-13143/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-13974 page",
"url": "https://www.suse.com/security/cve/CVE-2020-13974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-14314 page",
"url": "https://www.suse.com/security/cve/CVE-2020-14314/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-14331 page",
"url": "https://www.suse.com/security/cve/CVE-2020-14331/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-14351 page",
"url": "https://www.suse.com/security/cve/CVE-2020-14351/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-14356 page",
"url": "https://www.suse.com/security/cve/CVE-2020-14356/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-14385 page",
"url": "https://www.suse.com/security/cve/CVE-2020-14385/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-14386 page",
"url": "https://www.suse.com/security/cve/CVE-2020-14386/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-14390 page",
"url": "https://www.suse.com/security/cve/CVE-2020-14390/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-14416 page",
"url": "https://www.suse.com/security/cve/CVE-2020-14416/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15393 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15393/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15436 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15436/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15437 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15437/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15780 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15780/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-16120 page",
"url": "https://www.suse.com/security/cve/CVE-2020-16120/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-16166 page",
"url": "https://www.suse.com/security/cve/CVE-2020-16166/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-1749 page",
"url": "https://www.suse.com/security/cve/CVE-2020-1749/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-24490 page",
"url": "https://www.suse.com/security/cve/CVE-2020-24490/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25212 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25212/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25284 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25284/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25285 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25285/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25641 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25641/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25643 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25643/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25645 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25645/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25656 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25656/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25668 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25668/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25669 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25669/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25704 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25704/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25705 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25705/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-26088 page",
"url": "https://www.suse.com/security/cve/CVE-2020-26088/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-27068 page",
"url": "https://www.suse.com/security/cve/CVE-2020-27068/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-27777 page",
"url": "https://www.suse.com/security/cve/CVE-2020-27777/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-27786 page",
"url": "https://www.suse.com/security/cve/CVE-2020-27786/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-27825 page",
"url": "https://www.suse.com/security/cve/CVE-2020-27825/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-27830 page",
"url": "https://www.suse.com/security/cve/CVE-2020-27830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-28915 page",
"url": "https://www.suse.com/security/cve/CVE-2020-28915/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-28941 page",
"url": "https://www.suse.com/security/cve/CVE-2020-28941/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-28974 page",
"url": "https://www.suse.com/security/cve/CVE-2020-28974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-29369 page",
"url": "https://www.suse.com/security/cve/CVE-2020-29369/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-29370 page",
"url": "https://www.suse.com/security/cve/CVE-2020-29370/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-29371 page",
"url": "https://www.suse.com/security/cve/CVE-2020-29371/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-29373 page",
"url": "https://www.suse.com/security/cve/CVE-2020-29373/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-29660 page",
"url": "https://www.suse.com/security/cve/CVE-2020-29660/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-29661 page",
"url": "https://www.suse.com/security/cve/CVE-2020-29661/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-36158 page",
"url": "https://www.suse.com/security/cve/CVE-2020-36158/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-4788 page",
"url": "https://www.suse.com/security/cve/CVE-2020-4788/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8694 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8694/"
}
],
"title": "Security update for RT kernel",
"tracking": {
"current_release_date": "2021-02-05T15:16:03Z",
"generator": {
"date": "2021-02-05T15:16:03Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2021:0242-1",
"initial_release_date": "2021-02-05T15:16:03Z",
"revision_history": [
{
"date": "2021-02-05T15:16:03Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"product": {
"name": "kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"product_id": "kernel-devel-rt-5.3.18-lp152.3.5.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"product": {
"name": "kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"product_id": "kernel-source-rt-5.3.18-lp152.3.5.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"product_id": "cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"product_id": "cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"product": {
"name": "dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"product_id": "dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"product": {
"name": "dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"product_id": "dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"product": {
"name": "gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"product_id": "gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"product": {
"name": "gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"product_id": "gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"product": {
"name": "kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"product_id": "kernel-rt-5.3.18-lp152.3.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"product": {
"name": "kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"product_id": "kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"product": {
"name": "kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"product_id": "kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"product": {
"name": "kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"product_id": "kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"product": {
"name": "kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"product_id": "kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"product": {
"name": "kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"product_id": "kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"product": {
"name": "kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"product_id": "kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"product": {
"name": "kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"product_id": "kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"product": {
"name": "kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"product_id": "kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"product_id": "ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"product_id": "ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"product": {
"name": "reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"product_id": "reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"product": {
"name": "reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"product_id": "reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.2",
"product": {
"name": "openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64"
},
"product_reference": "cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
},
"product_reference": "cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64"
},
"product_reference": "dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
},
"product_reference": "dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64"
},
"product_reference": "gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
},
"product_reference": "gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-5.3.18-lp152.3.5.1.noarch as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch"
},
"product_reference": "kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-5.3.18-lp152.3.5.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64"
},
"product_reference": "kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64"
},
"product_reference": "kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64"
},
"product_reference": "kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64"
},
"product_reference": "kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64"
},
"product_reference": "kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64"
},
"product_reference": "kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-5.3.18-lp152.3.5.1.noarch as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch"
},
"product_reference": "kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64"
},
"product_reference": "kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64"
},
"product_reference": "kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
},
"product_reference": "kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64"
},
"product_reference": "ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
},
"product_reference": "ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64"
},
"product_reference": "reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
},
"product_reference": "reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-19462",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19462"
}
],
"notes": [
{
"category": "general",
"text": "relay_open in kernel/relay.c in the Linux kernel through 5.4.1 allows local users to cause a denial of service (such as relay blockage) by triggering a NULL alloc_percpu result.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19462",
"url": "https://www.suse.com/security/cve/CVE-2019-19462"
},
{
"category": "external",
"summary": "SUSE Bug 1158265 for CVE-2019-19462",
"url": "https://bugzilla.suse.com/1158265"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "low"
}
],
"title": "CVE-2019-19462"
},
{
"cve": "CVE-2019-20810",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-20810"
}
],
"notes": [
{
"category": "general",
"text": "go7007_snd_init in drivers/media/usb/go7007/snd-go7007.c in the Linux kernel before 5.6 does not call snd_card_free for a failure path, which causes a memory leak, aka CID-9453264ef586.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-20810",
"url": "https://www.suse.com/security/cve/CVE-2019-20810"
},
{
"category": "external",
"summary": "SUSE Bug 1172458 for CVE-2019-20810",
"url": "https://bugzilla.suse.com/1172458"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "low"
}
],
"title": "CVE-2019-20810"
},
{
"cve": "CVE-2019-20812",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-20812"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 5.4.7. The prb_calc_retire_blk_tmo() function in net/packet/af_packet.c can result in a denial of service (CPU consumption and soft lockup) in a certain failure case involving TPACKET_V3, aka CID-b43d1f9f7067.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-20812",
"url": "https://www.suse.com/security/cve/CVE-2019-20812"
},
{
"category": "external",
"summary": "SUSE Bug 1172453 for CVE-2019-20812",
"url": "https://bugzilla.suse.com/1172453"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "moderate"
}
],
"title": "CVE-2019-20812"
},
{
"cve": "CVE-2020-0110",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-0110"
}
],
"notes": [
{
"category": "general",
"text": "In psi_write of psi.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-148159562References: Upstream kernel",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-0110",
"url": "https://www.suse.com/security/cve/CVE-2020-0110"
},
{
"category": "external",
"summary": "SUSE Bug 1171374 for CVE-2020-0110",
"url": "https://bugzilla.suse.com/1171374"
},
{
"category": "external",
"summary": "SUSE Bug 1174874 for CVE-2020-0110",
"url": "https://bugzilla.suse.com/1174874"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "important"
}
],
"title": "CVE-2020-0110"
},
{
"cve": "CVE-2020-0305",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-0305"
}
],
"notes": [
{
"category": "general",
"text": "In cdev_get of char_dev.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-153467744",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-0305",
"url": "https://www.suse.com/security/cve/CVE-2020-0305"
},
{
"category": "external",
"summary": "SUSE Bug 1174462 for CVE-2020-0305",
"url": "https://bugzilla.suse.com/1174462"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "moderate"
}
],
"title": "CVE-2020-0305"
},
{
"cve": "CVE-2020-0404",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-0404"
}
],
"notes": [
{
"category": "general",
"text": "In uvc_scan_chain_forward of uvc_driver.c, there is a possible linked list corruption due to an unusual root cause. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-111893654References: Upstream kernel",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-0404",
"url": "https://www.suse.com/security/cve/CVE-2020-0404"
},
{
"category": "external",
"summary": "SUSE Bug 1176423 for CVE-2020-0404",
"url": "https://bugzilla.suse.com/1176423"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "moderate"
}
],
"title": "CVE-2020-0404"
},
{
"cve": "CVE-2020-0427",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-0427"
}
],
"notes": [
{
"category": "general",
"text": "In create_pinctrl of core.c, there is a possible out of bounds read due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-140550171",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-0427",
"url": "https://www.suse.com/security/cve/CVE-2020-0427"
},
{
"category": "external",
"summary": "SUSE Bug 1176725 for CVE-2020-0427",
"url": "https://bugzilla.suse.com/1176725"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "moderate"
}
],
"title": "CVE-2020-0427"
},
{
"cve": "CVE-2020-0431",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-0431"
}
],
"notes": [
{
"category": "general",
"text": "In kbd_keycode of keyboard.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-144161459",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-0431",
"url": "https://www.suse.com/security/cve/CVE-2020-0431"
},
{
"category": "external",
"summary": "SUSE Bug 1176722 for CVE-2020-0431",
"url": "https://bugzilla.suse.com/1176722"
},
{
"category": "external",
"summary": "SUSE Bug 1176896 for CVE-2020-0431",
"url": "https://bugzilla.suse.com/1176896"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "important"
}
],
"title": "CVE-2020-0431"
},
{
"cve": "CVE-2020-0432",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-0432"
}
],
"notes": [
{
"category": "general",
"text": "In skb_to_mamac of networking.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-143560807",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-0432",
"url": "https://www.suse.com/security/cve/CVE-2020-0432"
},
{
"category": "external",
"summary": "SUSE Bug 1176721 for CVE-2020-0432",
"url": "https://bugzilla.suse.com/1176721"
},
{
"category": "external",
"summary": "SUSE Bug 1177165 for CVE-2020-0432",
"url": "https://bugzilla.suse.com/1177165"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "important"
}
],
"title": "CVE-2020-0432"
},
{
"cve": "CVE-2020-0444",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-0444"
}
],
"notes": [
{
"category": "general",
"text": "In audit_free_lsm_field of auditfilter.c, there is a possible bad kfree due to a logic error in audit_data_to_entry. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-150693166References: Upstream kernel",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-0444",
"url": "https://www.suse.com/security/cve/CVE-2020-0444"
},
{
"category": "external",
"summary": "SUSE Bug 1180027 for CVE-2020-0444",
"url": "https://bugzilla.suse.com/1180027"
},
{
"category": "external",
"summary": "SUSE Bug 1180028 for CVE-2020-0444",
"url": "https://bugzilla.suse.com/1180028"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "moderate"
}
],
"title": "CVE-2020-0444"
},
{
"cve": "CVE-2020-0465",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-0465"
}
],
"notes": [
{
"category": "general",
"text": "In various methods of hid-multitouch.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-162844689References: Upstream kernel",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-0465",
"url": "https://www.suse.com/security/cve/CVE-2020-0465"
},
{
"category": "external",
"summary": "SUSE Bug 1180029 for CVE-2020-0465",
"url": "https://bugzilla.suse.com/1180029"
},
{
"category": "external",
"summary": "SUSE Bug 1180030 for CVE-2020-0465",
"url": "https://bugzilla.suse.com/1180030"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "important"
}
],
"title": "CVE-2020-0465"
},
{
"cve": "CVE-2020-0466",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-0466"
}
],
"notes": [
{
"category": "general",
"text": "In do_epoll_ctl and ep_loop_check_proc of eventpoll.c, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-147802478References: Upstream kernel",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-0466",
"url": "https://www.suse.com/security/cve/CVE-2020-0466"
},
{
"category": "external",
"summary": "SUSE Bug 1180031 for CVE-2020-0466",
"url": "https://bugzilla.suse.com/1180031"
},
{
"category": "external",
"summary": "SUSE Bug 1180032 for CVE-2020-0466",
"url": "https://bugzilla.suse.com/1180032"
},
{
"category": "external",
"summary": "SUSE Bug 1199255 for CVE-2020-0466",
"url": "https://bugzilla.suse.com/1199255"
},
{
"category": "external",
"summary": "SUSE Bug 1200084 for CVE-2020-0466",
"url": "https://bugzilla.suse.com/1200084"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "important"
}
],
"title": "CVE-2020-0466"
},
{
"cve": "CVE-2020-0543",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-0543"
}
],
"notes": [
{
"category": "general",
"text": "Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-0543",
"url": "https://www.suse.com/security/cve/CVE-2020-0543"
},
{
"category": "external",
"summary": "SUSE Bug 1154824 for CVE-2020-0543",
"url": "https://bugzilla.suse.com/1154824"
},
{
"category": "external",
"summary": "SUSE Bug 1172205 for CVE-2020-0543",
"url": "https://bugzilla.suse.com/1172205"
},
{
"category": "external",
"summary": "SUSE Bug 1172206 for CVE-2020-0543",
"url": "https://bugzilla.suse.com/1172206"
},
{
"category": "external",
"summary": "SUSE Bug 1172207 for CVE-2020-0543",
"url": "https://bugzilla.suse.com/1172207"
},
{
"category": "external",
"summary": "SUSE Bug 1172770 for CVE-2020-0543",
"url": "https://bugzilla.suse.com/1172770"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2020-0543",
"url": "https://bugzilla.suse.com/1178658"
},
{
"category": "external",
"summary": "SUSE Bug 1201877 for CVE-2020-0543",
"url": "https://bugzilla.suse.com/1201877"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "moderate"
}
],
"title": "CVE-2020-0543"
},
{
"cve": "CVE-2020-10135",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-10135"
}
],
"notes": [
{
"category": "general",
"text": "Legacy pairing and secure-connections pairing authentication in Bluetooth BR/EDR Core Specification v5.2 and earlier may allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. An unauthenticated, adjacent attacker could impersonate a Bluetooth BR/EDR master or slave to pair with a previously paired remote device to successfully complete the authentication procedure without knowing the link key.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-10135",
"url": "https://www.suse.com/security/cve/CVE-2020-10135"
},
{
"category": "external",
"summary": "SUSE Bug 1171988 for CVE-2020-10135",
"url": "https://bugzilla.suse.com/1171988"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "moderate"
}
],
"title": "CVE-2020-10135"
},
{
"cve": "CVE-2020-10711",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-10711"
}
],
"notes": [
{
"category": "general",
"text": "A NULL pointer dereference flaw was found in the Linux kernel\u0027s SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol\u0027s category bitmap into the SELinux extensible bitmap via the\u0027 ebitmap_netlbl_import\u0027 routine. While processing the CIPSO restricted bitmap tag in the \u0027cipso_v4_parsetag_rbm\u0027 routine, it sets the security attribute to indicate that the category bitmap is present, even if it has not been allocated. This issue leads to a NULL pointer dereference issue while importing the same category bitmap into SELinux. This flaw allows a remote network user to crash the system kernel, resulting in a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-10711",
"url": "https://www.suse.com/security/cve/CVE-2020-10711"
},
{
"category": "external",
"summary": "SUSE Bug 1171191 for CVE-2020-10711",
"url": "https://bugzilla.suse.com/1171191"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "moderate"
}
],
"title": "CVE-2020-10711"
},
{
"cve": "CVE-2020-10732",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-10732"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and exfiltrate private kernel data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-10732",
"url": "https://www.suse.com/security/cve/CVE-2020-10732"
},
{
"category": "external",
"summary": "SUSE Bug 1171220 for CVE-2020-10732",
"url": "https://bugzilla.suse.com/1171220"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "low"
}
],
"title": "CVE-2020-10732"
},
{
"cve": "CVE-2020-10751",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-10751"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernels SELinux LSM hook implementation before version 5.7, where it incorrectly assumed that an skb would only contain a single netlink message. The hook would incorrectly only validate the first netlink message in the skb and allow or deny the rest of the messages within the skb with the granted permission without further processing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-10751",
"url": "https://www.suse.com/security/cve/CVE-2020-10751"
},
{
"category": "external",
"summary": "SUSE Bug 1171189 for CVE-2020-10751",
"url": "https://bugzilla.suse.com/1171189"
},
{
"category": "external",
"summary": "SUSE Bug 1174963 for CVE-2020-10751",
"url": "https://bugzilla.suse.com/1174963"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "moderate"
}
],
"title": "CVE-2020-10751"
},
{
"cve": "CVE-2020-10757",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-10757"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. This flaw allows a local attacker with access to a DAX enabled storage to escalate their privileges on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-10757",
"url": "https://www.suse.com/security/cve/CVE-2020-10757"
},
{
"category": "external",
"summary": "SUSE Bug 1159281 for CVE-2020-10757",
"url": "https://bugzilla.suse.com/1159281"
},
{
"category": "external",
"summary": "SUSE Bug 1172317 for CVE-2020-10757",
"url": "https://bugzilla.suse.com/1172317"
},
{
"category": "external",
"summary": "SUSE Bug 1172437 for CVE-2020-10757",
"url": "https://bugzilla.suse.com/1172437"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "important"
}
],
"title": "CVE-2020-10757"
},
{
"cve": "CVE-2020-10766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-10766"
}
],
"notes": [
{
"category": "general",
"text": "A logic bug flaw was found in Linux kernel before 5.8-rc1 in the implementation of SSBD. A bug in the logic handling allows an attacker with a local account to disable SSBD protection during a context switch when additional speculative execution mitigations are in place. This issue was introduced when the per task/process conditional STIPB switching was added on top of the existing SSBD switching. The highest threat from this vulnerability is to confidentiality.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-10766",
"url": "https://www.suse.com/security/cve/CVE-2020-10766"
},
{
"category": "external",
"summary": "SUSE Bug 1159281 for CVE-2020-10766",
"url": "https://bugzilla.suse.com/1159281"
},
{
"category": "external",
"summary": "SUSE Bug 1172781 for CVE-2020-10766",
"url": "https://bugzilla.suse.com/1172781"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "moderate"
}
],
"title": "CVE-2020-10766"
},
{
"cve": "CVE-2020-10767",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-10767"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel before 5.8-rc1 in the implementation of the Enhanced IBPB (Indirect Branch Prediction Barrier). The IBPB mitigation will be disabled when STIBP is not available or when the Enhanced Indirect Branch Restricted Speculation (IBRS) is available. This flaw allows a local attacker to perform a Spectre V2 style attack when this configuration is active. The highest threat from this vulnerability is to confidentiality.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-10767",
"url": "https://www.suse.com/security/cve/CVE-2020-10767"
},
{
"category": "external",
"summary": "SUSE Bug 1159281 for CVE-2020-10767",
"url": "https://bugzilla.suse.com/1159281"
},
{
"category": "external",
"summary": "SUSE Bug 1172782 for CVE-2020-10767",
"url": "https://bugzilla.suse.com/1172782"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "moderate"
}
],
"title": "CVE-2020-10767"
},
{
"cve": "CVE-2020-10768",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-10768"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux Kernel before 5.8-rc1 in the prctl() function, where it can be used to enable indirect branch speculation after it has been disabled. This call incorrectly reports it as being \u0027force disabled\u0027 when it is not and opens the system to Spectre v2 attacks. The highest threat from this vulnerability is to confidentiality.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-10768",
"url": "https://www.suse.com/security/cve/CVE-2020-10768"
},
{
"category": "external",
"summary": "SUSE Bug 1159281 for CVE-2020-10768",
"url": "https://bugzilla.suse.com/1159281"
},
{
"category": "external",
"summary": "SUSE Bug 1172783 for CVE-2020-10768",
"url": "https://bugzilla.suse.com/1172783"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "moderate"
}
],
"title": "CVE-2020-10768"
},
{
"cve": "CVE-2020-10773",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-10773"
}
],
"notes": [
{
"category": "general",
"text": "A stack information leak flaw was found in s390/s390x in the Linux kernel\u0027s memory manager functionality, where it incorrectly writes to the /proc/sys/vm/cmm_timeout file. This flaw allows a local user to see the kernel data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-10773",
"url": "https://www.suse.com/security/cve/CVE-2020-10773"
},
{
"category": "external",
"summary": "SUSE Bug 1172999 for CVE-2020-10773",
"url": "https://bugzilla.suse.com/1172999"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "low"
}
],
"title": "CVE-2020-10773"
},
{
"cve": "CVE-2020-10781",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-10781"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux Kernel before 5.8-rc6 in the ZRAM kernel module, where a user with a local account and the ability to read the /sys/class/zram-control/hot_add file can create ZRAM device nodes in the /dev/ directory. This read allocates kernel memory and is not accounted for a user that triggers the creation of that ZRAM device. With this vulnerability, continually reading the device may consume a large amount of system memory and cause the Out-of-Memory (OOM) killer to activate and terminate random userspace processes, possibly making the system inoperable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-10781",
"url": "https://www.suse.com/security/cve/CVE-2020-10781"
},
{
"category": "external",
"summary": "SUSE Bug 1173074 for CVE-2020-10781",
"url": "https://bugzilla.suse.com/1173074"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "moderate"
}
],
"title": "CVE-2020-10781"
},
{
"cve": "CVE-2020-11668",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-11668"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlink_cit.c (aka the Xirlink camera USB driver) mishandles invalid descriptors, aka CID-a246b4d54770.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-11668",
"url": "https://www.suse.com/security/cve/CVE-2020-11668"
},
{
"category": "external",
"summary": "SUSE Bug 1168952 for CVE-2020-11668",
"url": "https://bugzilla.suse.com/1168952"
},
{
"category": "external",
"summary": "SUSE Bug 1173942 for CVE-2020-11668",
"url": "https://bugzilla.suse.com/1173942"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "important"
}
],
"title": "CVE-2020-11668"
},
{
"cve": "CVE-2020-12351",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-12351"
}
],
"notes": [
{
"category": "general",
"text": "Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-12351",
"url": "https://www.suse.com/security/cve/CVE-2020-12351"
},
{
"category": "external",
"summary": "SUSE Bug 1177724 for CVE-2020-12351",
"url": "https://bugzilla.suse.com/1177724"
},
{
"category": "external",
"summary": "SUSE Bug 1177729 for CVE-2020-12351",
"url": "https://bugzilla.suse.com/1177729"
},
{
"category": "external",
"summary": "SUSE Bug 1178397 for CVE-2020-12351",
"url": "https://bugzilla.suse.com/1178397"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "important"
}
],
"title": "CVE-2020-12351"
},
{
"cve": "CVE-2020-12352",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-12352"
}
],
"notes": [
{
"category": "general",
"text": "Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-12352",
"url": "https://www.suse.com/security/cve/CVE-2020-12352"
},
{
"category": "external",
"summary": "SUSE Bug 1177725 for CVE-2020-12352",
"url": "https://bugzilla.suse.com/1177725"
},
{
"category": "external",
"summary": "SUSE Bug 1178398 for CVE-2020-12352",
"url": "https://bugzilla.suse.com/1178398"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "moderate"
}
],
"title": "CVE-2020-12352"
},
{
"cve": "CVE-2020-12652",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-12652"
}
],
"notes": [
{
"category": "general",
"text": "The __mptctl_ioctl function in drivers/message/fusion/mptctl.c in the Linux kernel before 5.4.14 allows local users to hold an incorrect lock during the ioctl operation and trigger a race condition, i.e., a \"double fetch\" vulnerability, aka CID-28d76df18f0a. NOTE: the vendor states \"The security impact of this bug is not as bad as it could have been because these operations are all privileged and root already has enormous destructive power.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-12652",
"url": "https://www.suse.com/security/cve/CVE-2020-12652"
},
{
"category": "external",
"summary": "SUSE Bug 1171218 for CVE-2020-12652",
"url": "https://bugzilla.suse.com/1171218"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "moderate"
}
],
"title": "CVE-2020-12652"
},
{
"cve": "CVE-2020-12656",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-12656"
}
],
"notes": [
{
"category": "general",
"text": "gss_mech_free in net/sunrpc/auth_gss/gss_mech_switch.c in the rpcsec_gss_krb5 implementation in the Linux kernel through 5.6.10 lacks certain domain_release calls, leading to a memory leak. Note: This was disputed with the assertion that the issue does not grant any access not already available. It is a problem that on unloading a specific kernel module some memory is leaked, but loading kernel modules is a privileged operation. A user could also write a kernel module to consume any amount of memory they like and load that replicating the effect of this bug",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-12656",
"url": "https://www.suse.com/security/cve/CVE-2020-12656"
},
{
"category": "external",
"summary": "SUSE Bug 1171219 for CVE-2020-12656",
"url": "https://bugzilla.suse.com/1171219"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "low"
}
],
"title": "CVE-2020-12656"
},
{
"cve": "CVE-2020-12769",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-12769"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 5.4.17. drivers/spi/spi-dw.c allows attackers to cause a panic via concurrent calls to dw_spi_irq and dw_spi_transfer_one, aka CID-19b61392c5a8.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-12769",
"url": "https://www.suse.com/security/cve/CVE-2020-12769"
},
{
"category": "external",
"summary": "SUSE Bug 1171983 for CVE-2020-12769",
"url": "https://bugzilla.suse.com/1171983"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "moderate"
}
],
"title": "CVE-2020-12769"
},
{
"cve": "CVE-2020-12771",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-12771"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel through 5.6.11. btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing operation fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-12771",
"url": "https://www.suse.com/security/cve/CVE-2020-12771"
},
{
"category": "external",
"summary": "SUSE Bug 1171732 for CVE-2020-12771",
"url": "https://bugzilla.suse.com/1171732"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "moderate"
}
],
"title": "CVE-2020-12771"
},
{
"cve": "CVE-2020-12888",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-12888"
}
],
"notes": [
{
"category": "general",
"text": "The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-12888",
"url": "https://www.suse.com/security/cve/CVE-2020-12888"
},
{
"category": "external",
"summary": "SUSE Bug 1159281 for CVE-2020-12888",
"url": "https://bugzilla.suse.com/1159281"
},
{
"category": "external",
"summary": "SUSE Bug 1171868 for CVE-2020-12888",
"url": "https://bugzilla.suse.com/1171868"
},
{
"category": "external",
"summary": "SUSE Bug 1176979 for CVE-2020-12888",
"url": "https://bugzilla.suse.com/1176979"
},
{
"category": "external",
"summary": "SUSE Bug 1179612 for CVE-2020-12888",
"url": "https://bugzilla.suse.com/1179612"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "moderate"
}
],
"title": "CVE-2020-12888"
},
{
"cve": "CVE-2020-13143",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-13143"
}
],
"notes": [
{
"category": "general",
"text": "gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal \u0027\\0\u0027 value, which allows attackers to trigger an out-of-bounds read, aka CID-15753588bcd4.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-13143",
"url": "https://www.suse.com/security/cve/CVE-2020-13143"
},
{
"category": "external",
"summary": "SUSE Bug 1171982 for CVE-2020-13143",
"url": "https://bugzilla.suse.com/1171982"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "moderate"
}
],
"title": "CVE-2020-13143"
},
{
"cve": "CVE-2020-13974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-13974"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel 4.4 through 5.7.1. drivers/tty/vt/keyboard.c has an integer overflow if k_ascii is called several times in a row, aka CID-b86dab054059. NOTE: Members in the community argue that the integer overflow does not lead to a security issue in this case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-13974",
"url": "https://www.suse.com/security/cve/CVE-2020-13974"
},
{
"category": "external",
"summary": "SUSE Bug 1172775 for CVE-2020-13974",
"url": "https://bugzilla.suse.com/1172775"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "moderate"
}
],
"title": "CVE-2020-13974"
},
{
"cve": "CVE-2020-14314",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-14314"
}
],
"notes": [
{
"category": "general",
"text": "A memory out-of-bounds read flaw was found in the Linux kernel before 5.9-rc2 with the ext3/ext4 file system, in the way it accesses a directory with broken indexing. This flaw allows a local user to crash the system if the directory exists. The highest threat from this vulnerability is to system availability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-14314",
"url": "https://www.suse.com/security/cve/CVE-2020-14314"
},
{
"category": "external",
"summary": "SUSE Bug 1173798 for CVE-2020-14314",
"url": "https://bugzilla.suse.com/1173798"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.8,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "moderate"
}
],
"title": "CVE-2020-14314"
},
{
"cve": "CVE-2020-14331",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-14331"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console, calling an ioctl VT_RESIZE, which causes an out-of-bounds write to occur. This flaw allows a local user with access to the VGA console to crash the system, potentially escalating their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-14331",
"url": "https://www.suse.com/security/cve/CVE-2020-14331"
},
{
"category": "external",
"summary": "SUSE Bug 1174205 for CVE-2020-14331",
"url": "https://bugzilla.suse.com/1174205"
},
{
"category": "external",
"summary": "SUSE Bug 1174247 for CVE-2020-14331",
"url": "https://bugzilla.suse.com/1174247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "important"
}
],
"title": "CVE-2020-14331"
},
{
"cve": "CVE-2020-14351",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-14351"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel. A use-after-free memory flaw was found in the perf subsystem allowing a local attacker with permission to monitor perf events to corrupt memory and possibly escalate privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-14351",
"url": "https://www.suse.com/security/cve/CVE-2020-14351"
},
{
"category": "external",
"summary": "SUSE Bug 1177086 for CVE-2020-14351",
"url": "https://bugzilla.suse.com/1177086"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "moderate"
}
],
"title": "CVE-2020-14351"
},
{
"cve": "CVE-2020-14356",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-14356"
}
],
"notes": [
{
"category": "general",
"text": "A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot the system. A local user could use this flaw to crash the system or escalate their privileges on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-14356",
"url": "https://www.suse.com/security/cve/CVE-2020-14356"
},
{
"category": "external",
"summary": "SUSE Bug 1175213 for CVE-2020-14356",
"url": "https://bugzilla.suse.com/1175213"
},
{
"category": "external",
"summary": "SUSE Bug 1176392 for CVE-2020-14356",
"url": "https://bugzilla.suse.com/1176392"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "moderate"
}
],
"title": "CVE-2020-14356"
},
{
"cve": "CVE-2020-14385",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-14385"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel before 5.9-rc4. A failure of the file system metadata validator in XFS can cause an inode with a valid, user-creatable extended attribute to be flagged as corrupt. This can lead to the filesystem being shutdown, or otherwise rendered inaccessible until it is remounted, leading to a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-14385",
"url": "https://www.suse.com/security/cve/CVE-2020-14385"
},
{
"category": "external",
"summary": "SUSE Bug 1176137 for CVE-2020-14385",
"url": "https://bugzilla.suse.com/1176137"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "moderate"
}
],
"title": "CVE-2020-14385"
},
{
"cve": "CVE-2020-14386",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-14386"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption can be exploited to gain root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-14386",
"url": "https://www.suse.com/security/cve/CVE-2020-14386"
},
{
"category": "external",
"summary": "SUSE Bug 1176069 for CVE-2020-14386",
"url": "https://bugzilla.suse.com/1176069"
},
{
"category": "external",
"summary": "SUSE Bug 1176072 for CVE-2020-14386",
"url": "https://bugzilla.suse.com/1176072"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "important"
}
],
"title": "CVE-2020-14386"
},
{
"cve": "CVE-2020-14390",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-14390"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel in versions before 5.9-rc6. When changing screen size, an out-of-bounds memory write can occur leading to memory corruption or a denial of service. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-14390",
"url": "https://www.suse.com/security/cve/CVE-2020-14390"
},
{
"category": "external",
"summary": "SUSE Bug 1176235 for CVE-2020-14390",
"url": "https://bugzilla.suse.com/1176235"
},
{
"category": "external",
"summary": "SUSE Bug 1176253 for CVE-2020-14390",
"url": "https://bugzilla.suse.com/1176253"
},
{
"category": "external",
"summary": "SUSE Bug 1176278 for CVE-2020-14390",
"url": "https://bugzilla.suse.com/1176278"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "important"
}
],
"title": "CVE-2020-14390"
},
{
"cve": "CVE-2020-14416",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-14416"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 5.4.16, a race condition in tty-\u003edisc_data handling in the slip and slcan line discipline could lead to a use-after-free, aka CID-0ace17d56824. This affects drivers/net/slip/slip.c and drivers/net/can/slcan.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-14416",
"url": "https://www.suse.com/security/cve/CVE-2020-14416"
},
{
"category": "external",
"summary": "SUSE Bug 1162002 for CVE-2020-14416",
"url": "https://bugzilla.suse.com/1162002"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "moderate"
}
],
"title": "CVE-2020-14416"
},
{
"cve": "CVE-2020-15393",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15393"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel 4.4 through 5.7.6, usbtest_disconnect in drivers/usb/misc/usbtest.c has a memory leak, aka CID-28ebeb8db770.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15393",
"url": "https://www.suse.com/security/cve/CVE-2020-15393"
},
{
"category": "external",
"summary": "SUSE Bug 1173514 for CVE-2020-15393",
"url": "https://bugzilla.suse.com/1173514"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "moderate"
}
],
"title": "CVE-2020-15393"
},
{
"cve": "CVE-2020-15436",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15436"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15436",
"url": "https://www.suse.com/security/cve/CVE-2020-15436"
},
{
"category": "external",
"summary": "SUSE Bug 1179141 for CVE-2020-15436",
"url": "https://bugzilla.suse.com/1179141"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "moderate"
}
],
"title": "CVE-2020-15436"
},
{
"cve": "CVE-2020-15437",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15437"
}
],
"notes": [
{
"category": "general",
"text": "The Linux kernel before version 5.8 is vulnerable to a NULL pointer dereference in drivers/tty/serial/8250/8250_core.c:serial8250_isa_init_ports() that allows local users to cause a denial of service by using the p-\u003eserial_in pointer which uninitialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15437",
"url": "https://www.suse.com/security/cve/CVE-2020-15437"
},
{
"category": "external",
"summary": "SUSE Bug 1179140 for CVE-2020-15437",
"url": "https://bugzilla.suse.com/1179140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "moderate"
}
],
"title": "CVE-2020-15437"
},
{
"cve": "CVE-2020-15780",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15780"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7. Injection of malicious ACPI tables via configfs could be used by attackers to bypass lockdown and secure boot restrictions, aka CID-75b0cea7bf30.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15780",
"url": "https://www.suse.com/security/cve/CVE-2020-15780"
},
{
"category": "external",
"summary": "SUSE Bug 1173573 for CVE-2020-15780",
"url": "https://bugzilla.suse.com/1173573"
},
{
"category": "external",
"summary": "SUSE Bug 1174186 for CVE-2020-15780",
"url": "https://bugzilla.suse.com/1174186"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "important"
}
],
"title": "CVE-2020-15780"
},
{
"cve": "CVE-2020-16120",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-16120"
}
],
"notes": [
{
"category": "general",
"text": "Overlayfs did not properly perform permission checking when copying up files in an overlayfs and could be exploited from within a user namespace, if, for example, unprivileged user namespaces were allowed. It was possible to have a file not readable by an unprivileged user to be copied to a mountpoint controlled by the user, like a removable device. This was introduced in kernel version 4.19 by commit d1d04ef (\"ovl: stack file ops\"). This was fixed in kernel version 5.8 by commits 56230d9 (\"ovl: verify permissions in ovl_path_open()\"), 48bd024 (\"ovl: switch to mounter creds in readdir\") and 05acefb (\"ovl: check permission to open real file\"). Additionally, commits 130fdbc (\"ovl: pass correct flags for opening real directory\") and 292f902 (\"ovl: call secutiry hook in ovl_real_ioctl()\") in kernel 5.8 might also be desired or necessary. These additional commits introduced a regression in overlay mounts within user namespaces which prevented access to files with ownership outside of the user namespace. This regression was mitigated by subsequent commit b6650da (\"ovl: do not fail because of O_NOATIMEi\") in kernel 5.11.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-16120",
"url": "https://www.suse.com/security/cve/CVE-2020-16120"
},
{
"category": "external",
"summary": "SUSE Bug 1177470 for CVE-2020-16120",
"url": "https://bugzilla.suse.com/1177470"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "moderate"
}
],
"title": "CVE-2020-16120"
},
{
"cve": "CVE-2020-16166",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-16166"
}
],
"notes": [
{
"category": "general",
"text": "The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG, aka CID-f227e3ec3b5c. This is related to drivers/char/random.c and kernel/time/timer.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-16166",
"url": "https://www.suse.com/security/cve/CVE-2020-16166"
},
{
"category": "external",
"summary": "SUSE Bug 1174757 for CVE-2020-16166",
"url": "https://bugzilla.suse.com/1174757"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "moderate"
}
],
"title": "CVE-2020-16166"
},
{
"cve": "CVE-2020-1749",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-1749"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6. When an encrypted tunnel is created between two hosts, the kernel isn\u0027t correctly routing tunneled data over the encrypted link; rather sending the data unencrypted. This would allow anyone in between the two endpoints to read the traffic unencrypted. The main threat from this vulnerability is to data confidentiality.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-1749",
"url": "https://www.suse.com/security/cve/CVE-2020-1749"
},
{
"category": "external",
"summary": "SUSE Bug 1165629 for CVE-2020-1749",
"url": "https://bugzilla.suse.com/1165629"
},
{
"category": "external",
"summary": "SUSE Bug 1165631 for CVE-2020-1749",
"url": "https://bugzilla.suse.com/1165631"
},
{
"category": "external",
"summary": "SUSE Bug 1177511 for CVE-2020-1749",
"url": "https://bugzilla.suse.com/1177511"
},
{
"category": "external",
"summary": "SUSE Bug 1177513 for CVE-2020-1749",
"url": "https://bugzilla.suse.com/1177513"
},
{
"category": "external",
"summary": "SUSE Bug 1189302 for CVE-2020-1749",
"url": "https://bugzilla.suse.com/1189302"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "important"
}
],
"title": "CVE-2020-1749"
},
{
"cve": "CVE-2020-24490",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-24490"
}
],
"notes": [
{
"category": "general",
"text": "Improper buffer restrictions in BlueZ may allow an unauthenticated user to potentially enable denial of service via adjacent access. This affects all Linux kernel versions that support BlueZ.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-24490",
"url": "https://www.suse.com/security/cve/CVE-2020-24490"
},
{
"category": "external",
"summary": "SUSE Bug 1177726 for CVE-2020-24490",
"url": "https://bugzilla.suse.com/1177726"
},
{
"category": "external",
"summary": "SUSE Bug 1177727 for CVE-2020-24490",
"url": "https://bugzilla.suse.com/1177727"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "important"
}
],
"title": "CVE-2020-24490"
},
{
"cve": "CVE-2020-25212",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25212"
}
],
"notes": [
{
"category": "general",
"text": "A TOCTOU mismatch in the NFS client code in the Linux kernel before 5.8.3 could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c, aka CID-b4487b935452.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25212",
"url": "https://www.suse.com/security/cve/CVE-2020-25212"
},
{
"category": "external",
"summary": "SUSE Bug 1176381 for CVE-2020-25212",
"url": "https://bugzilla.suse.com/1176381"
},
{
"category": "external",
"summary": "SUSE Bug 1176382 for CVE-2020-25212",
"url": "https://bugzilla.suse.com/1176382"
},
{
"category": "external",
"summary": "SUSE Bug 1177027 for CVE-2020-25212",
"url": "https://bugzilla.suse.com/1177027"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "important"
}
],
"title": "CVE-2020-25212"
},
{
"cve": "CVE-2020-25284",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25284"
}
],
"notes": [
{
"category": "general",
"text": "The rbd block device driver in drivers/block/rbd.c in the Linux kernel through 5.8.9 used incomplete permission checking for access to rbd devices, which could be leveraged by local attackers to map or unmap rbd block devices, aka CID-f44d04e696fe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25284",
"url": "https://www.suse.com/security/cve/CVE-2020-25284"
},
{
"category": "external",
"summary": "SUSE Bug 1176482 for CVE-2020-25284",
"url": "https://bugzilla.suse.com/1176482"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "moderate"
}
],
"title": "CVE-2020-25284"
},
{
"cve": "CVE-2020-25285",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25285"
}
],
"notes": [
{
"category": "general",
"text": "A race condition between hugetlb sysctl handlers in mm/hugetlb.c in the Linux kernel before 5.8.8 could be used by local attackers to corrupt memory, cause a NULL pointer dereference, or possibly have unspecified other impact, aka CID-17743798d812.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25285",
"url": "https://www.suse.com/security/cve/CVE-2020-25285"
},
{
"category": "external",
"summary": "SUSE Bug 1176485 for CVE-2020-25285",
"url": "https://bugzilla.suse.com/1176485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "moderate"
}
],
"title": "CVE-2020-25285"
},
{
"cve": "CVE-2020-25641",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25641"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s implementation of biovecs in versions before 5.9-rc7. A zero-length biovec request issued by the block subsystem could cause the kernel to enter an infinite loop, causing a denial of service. This flaw allows a local attacker with basic privileges to issue requests to a block device, resulting in a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25641",
"url": "https://www.suse.com/security/cve/CVE-2020-25641"
},
{
"category": "external",
"summary": "SUSE Bug 1177121 for CVE-2020-25641",
"url": "https://bugzilla.suse.com/1177121"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "moderate"
}
],
"title": "CVE-2020-25641"
},
{
"cve": "CVE-2020-25643",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25643"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow is caused by improper input validation in the ppp_cp_parse_cr function which can cause the system to crash or cause a denial of service. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25643",
"url": "https://www.suse.com/security/cve/CVE-2020-25643"
},
{
"category": "external",
"summary": "SUSE Bug 1177206 for CVE-2020-25643",
"url": "https://bugzilla.suse.com/1177206"
},
{
"category": "external",
"summary": "SUSE Bug 1177226 for CVE-2020-25643",
"url": "https://bugzilla.suse.com/1177226"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "important"
}
],
"title": "CVE-2020-25643"
},
{
"cve": "CVE-2020-25645",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25645"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel in versions before 5.9-rc7. Traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by the GENEVE tunnel allowing anyone between the two endpoints to read the traffic unencrypted. The main threat from this vulnerability is to data confidentiality.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25645",
"url": "https://www.suse.com/security/cve/CVE-2020-25645"
},
{
"category": "external",
"summary": "SUSE Bug 1177511 for CVE-2020-25645",
"url": "https://bugzilla.suse.com/1177511"
},
{
"category": "external",
"summary": "SUSE Bug 1177513 for CVE-2020-25645",
"url": "https://bugzilla.suse.com/1177513"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "important"
}
],
"title": "CVE-2020-25645"
},
{
"cve": "CVE-2020-25656",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25656"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel. A use-after-free was found in the way the console subsystem was using ioctls KDGKBSENT and KDSKBSENT. A local user could use this flaw to get read memory access out of bounds. The highest threat from this vulnerability is to data confidentiality.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25656",
"url": "https://www.suse.com/security/cve/CVE-2020-25656"
},
{
"category": "external",
"summary": "SUSE Bug 1177766 for CVE-2020-25656",
"url": "https://bugzilla.suse.com/1177766"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "moderate"
}
],
"title": "CVE-2020-25656"
},
{
"cve": "CVE-2020-25668",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25668"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25668",
"url": "https://www.suse.com/security/cve/CVE-2020-25668"
},
{
"category": "external",
"summary": "SUSE Bug 1178123 for CVE-2020-25668",
"url": "https://bugzilla.suse.com/1178123"
},
{
"category": "external",
"summary": "SUSE Bug 1178622 for CVE-2020-25668",
"url": "https://bugzilla.suse.com/1178622"
},
{
"category": "external",
"summary": "SUSE Bug 1196914 for CVE-2020-25668",
"url": "https://bugzilla.suse.com/1196914"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "important"
}
],
"title": "CVE-2020-25668"
},
{
"cve": "CVE-2020-25669",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25669"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in the Linux Kernel where the function sunkbd_reinit having been scheduled by sunkbd_interrupt before sunkbd being freed. Though the dangling pointer is set to NULL in sunkbd_disconnect, there is still an alias in sunkbd_reinit causing Use After Free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25669",
"url": "https://www.suse.com/security/cve/CVE-2020-25669"
},
{
"category": "external",
"summary": "SUSE Bug 1178182 for CVE-2020-25669",
"url": "https://bugzilla.suse.com/1178182"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "moderate"
}
],
"title": "CVE-2020-25669"
},
{
"cve": "CVE-2020-25704",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25704"
}
],
"notes": [
{
"category": "general",
"text": "A flaw memory leak in the Linux kernel performance monitoring subsystem was found in the way if using PERF_EVENT_IOC_SET_FILTER. A local user could use this flaw to starve the resources causing denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25704",
"url": "https://www.suse.com/security/cve/CVE-2020-25704"
},
{
"category": "external",
"summary": "SUSE Bug 1178393 for CVE-2020-25704",
"url": "https://bugzilla.suse.com/1178393"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "moderate"
}
],
"title": "CVE-2020-25704"
},
{
"cve": "CVE-2020-25705",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25705"
}
],
"notes": [
{
"category": "general",
"text": "A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well on the Linux Based Products (RUGGEDCOM RM1224: All versions between v5.0 and v6.4, SCALANCE M-800: All versions between v5.0 and v6.4, SCALANCE S615: All versions between v5.0 and v6.4, SCALANCE SC-600: All versions prior to v2.1.3, SCALANCE W1750D: v8.3.0.1, v8.6.0, and v8.7.0, SIMATIC Cloud Connect 7: All versions, SIMATIC MV500 Family: All versions, SIMATIC NET CP 1243-1 (incl. SIPLUS variants): Versions 3.1.39 and later, SIMATIC NET CP 1243-7 LTE EU: Version",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25705",
"url": "https://www.suse.com/security/cve/CVE-2020-25705"
},
{
"category": "external",
"summary": "SUSE Bug 1175721 for CVE-2020-25705",
"url": "https://bugzilla.suse.com/1175721"
},
{
"category": "external",
"summary": "SUSE Bug 1178782 for CVE-2020-25705",
"url": "https://bugzilla.suse.com/1178782"
},
{
"category": "external",
"summary": "SUSE Bug 1178783 for CVE-2020-25705",
"url": "https://bugzilla.suse.com/1178783"
},
{
"category": "external",
"summary": "SUSE Bug 1191790 for CVE-2020-25705",
"url": "https://bugzilla.suse.com/1191790"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "important"
}
],
"title": "CVE-2020-25705"
},
{
"cve": "CVE-2020-26088",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-26088"
}
],
"notes": [
{
"category": "general",
"text": "A missing CAP_NET_RAW check in NFC socket creation in net/nfc/rawsock.c in the Linux kernel before 5.8.2 could be used by local attackers to create raw sockets, bypassing security mechanisms, aka CID-26896f01467a.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-26088",
"url": "https://www.suse.com/security/cve/CVE-2020-26088"
},
{
"category": "external",
"summary": "SUSE Bug 1176990 for CVE-2020-26088",
"url": "https://bugzilla.suse.com/1176990"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "moderate"
}
],
"title": "CVE-2020-26088"
},
{
"cve": "CVE-2020-27068",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-27068"
}
],
"notes": [
{
"category": "general",
"text": "Product: AndroidVersions: Android kernelAndroid ID: A-127973231References: Upstream kernel",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-27068",
"url": "https://www.suse.com/security/cve/CVE-2020-27068"
},
{
"category": "external",
"summary": "SUSE Bug 1180086 for CVE-2020-27068",
"url": "https://bugzilla.suse.com/1180086"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "moderate"
}
],
"title": "CVE-2020-27068"
},
{
"cve": "CVE-2020-27777",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-27777"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down (usually due to Secure Boot) guest system running on top of PowerVM or KVM hypervisors (pseries platform) a root like local user could use this flaw to further increase their privileges to that of a running kernel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-27777",
"url": "https://www.suse.com/security/cve/CVE-2020-27777"
},
{
"category": "external",
"summary": "SUSE Bug 1179107 for CVE-2020-27777",
"url": "https://bugzilla.suse.com/1179107"
},
{
"category": "external",
"summary": "SUSE Bug 1179419 for CVE-2020-27777",
"url": "https://bugzilla.suse.com/1179419"
},
{
"category": "external",
"summary": "SUSE Bug 1200343 for CVE-2020-27777",
"url": "https://bugzilla.suse.com/1200343"
},
{
"category": "external",
"summary": "SUSE Bug 1220060 for CVE-2020-27777",
"url": "https://bugzilla.suse.com/1220060"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "moderate"
}
],
"title": "CVE-2020-27777"
},
{
"cve": "CVE-2020-27786",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-27786"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue. A write to this specific memory while freed and before use causes the flow of execution to change and possibly allow for memory corruption or privilege escalation. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-27786",
"url": "https://www.suse.com/security/cve/CVE-2020-27786"
},
{
"category": "external",
"summary": "SUSE Bug 1179601 for CVE-2020-27786",
"url": "https://bugzilla.suse.com/1179601"
},
{
"category": "external",
"summary": "SUSE Bug 1179616 for CVE-2020-27786",
"url": "https://bugzilla.suse.com/1179616"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "important"
}
],
"title": "CVE-2020-27786"
},
{
"cve": "CVE-2020-27825",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-27825"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). There was a race problem in trace_open and resize of cpu buffer running parallely on different cpus, may cause a denial of service problem (DOS). This flaw could even allow a local attacker with special user privilege to a kernel information leak threat.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-27825",
"url": "https://www.suse.com/security/cve/CVE-2020-27825"
},
{
"category": "external",
"summary": "SUSE Bug 1179960 for CVE-2020-27825",
"url": "https://bugzilla.suse.com/1179960"
},
{
"category": "external",
"summary": "SUSE Bug 1179961 for CVE-2020-27825",
"url": "https://bugzilla.suse.com/1179961"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "important"
}
],
"title": "CVE-2020-27825"
},
{
"cve": "CVE-2020-27830",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-27830"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in Linux Kernel where in the spk_ttyio_receive_buf2() function, it would dereference spk_ttyio_synth without checking whether it is NULL or not, and may lead to a NULL-ptr deref crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-27830",
"url": "https://www.suse.com/security/cve/CVE-2020-27830"
},
{
"category": "external",
"summary": "SUSE Bug 1179656 for CVE-2020-27830",
"url": "https://bugzilla.suse.com/1179656"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "moderate"
}
],
"title": "CVE-2020-27830"
},
{
"cve": "CVE-2020-28915",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-28915"
}
],
"notes": [
{
"category": "general",
"text": "A buffer over-read (at the framebuffer layer) in the fbcon code in the Linux kernel before 5.8.15 could be used by local attackers to read kernel memory, aka CID-6735b4632def.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-28915",
"url": "https://www.suse.com/security/cve/CVE-2020-28915"
},
{
"category": "external",
"summary": "SUSE Bug 1178886 for CVE-2020-28915",
"url": "https://bugzilla.suse.com/1178886"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "moderate"
}
],
"title": "CVE-2020-28915"
},
{
"cve": "CVE-2020-28941",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-28941"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in drivers/accessibility/speakup/spk_ttyio.c in the Linux kernel through 5.9.9. Local attackers on systems with the speakup driver could cause a local denial of service attack, aka CID-d41227544427. This occurs because of an invalid free when the line discipline is used more than once.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-28941",
"url": "https://www.suse.com/security/cve/CVE-2020-28941"
},
{
"category": "external",
"summary": "SUSE Bug 1178740 for CVE-2020-28941",
"url": "https://bugzilla.suse.com/1178740"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "moderate"
}
],
"title": "CVE-2020-28941"
},
{
"cve": "CVE-2020-28974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-28974"
}
],
"notes": [
{
"category": "general",
"text": "A slab-out-of-bounds read in fbcon in the Linux kernel before 5.9.7 could be used by local attackers to read privileged information or potentially crash the kernel, aka CID-3c4e0dff2095. This occurs because KD_FONT_OP_COPY in drivers/tty/vt/vt.c can be used for manipulations such as font height.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-28974",
"url": "https://www.suse.com/security/cve/CVE-2020-28974"
},
{
"category": "external",
"summary": "SUSE Bug 1178589 for CVE-2020-28974",
"url": "https://bugzilla.suse.com/1178589"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "moderate"
}
],
"title": "CVE-2020-28974"
},
{
"cve": "CVE-2020-29369",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-29369"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in mm/mmap.c in the Linux kernel before 5.7.11. There is a race condition between certain expand functions (expand_downwards and expand_upwards) and page-table free operations from an munmap call, aka CID-246c320a8cfe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-29369",
"url": "https://www.suse.com/security/cve/CVE-2020-29369"
},
{
"category": "external",
"summary": "SUSE Bug 1173504 for CVE-2020-29369",
"url": "https://bugzilla.suse.com/1173504"
},
{
"category": "external",
"summary": "SUSE Bug 1179432 for CVE-2020-29369",
"url": "https://bugzilla.suse.com/1179432"
},
{
"category": "external",
"summary": "SUSE Bug 1179646 for CVE-2020-29369",
"url": "https://bugzilla.suse.com/1179646"
},
{
"category": "external",
"summary": "SUSE Bug 1182109 for CVE-2020-29369",
"url": "https://bugzilla.suse.com/1182109"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "important"
}
],
"title": "CVE-2020-29369"
},
{
"cve": "CVE-2020-29370",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-29370"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in kmem_cache_alloc_bulk in mm/slub.c in the Linux kernel before 5.5.11. The slowpath lacks the required TID increment, aka CID-fd4d9c7d0c71.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-29370",
"url": "https://www.suse.com/security/cve/CVE-2020-29370"
},
{
"category": "external",
"summary": "SUSE Bug 1179435 for CVE-2020-29370",
"url": "https://bugzilla.suse.com/1179435"
},
{
"category": "external",
"summary": "SUSE Bug 1179648 for CVE-2020-29370",
"url": "https://bugzilla.suse.com/1179648"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "important"
}
],
"title": "CVE-2020-29370"
},
{
"cve": "CVE-2020-29371",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-29371"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in romfs_dev_read in fs/romfs/storage.c in the Linux kernel before 5.8.4. Uninitialized memory leaks to userspace, aka CID-bcf85fcedfdd.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-29371",
"url": "https://www.suse.com/security/cve/CVE-2020-29371"
},
{
"category": "external",
"summary": "SUSE Bug 1179429 for CVE-2020-29371",
"url": "https://bugzilla.suse.com/1179429"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "moderate"
}
],
"title": "CVE-2020-29371"
},
{
"cve": "CVE-2020-29373",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-29373"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in fs/io_uring.c in the Linux kernel before 5.6. It unsafely handles the root directory during path lookups, and thus a process inside a mount namespace can escape to unintended filesystem locations, aka CID-ff002b30181d.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-29373",
"url": "https://www.suse.com/security/cve/CVE-2020-29373"
},
{
"category": "external",
"summary": "SUSE Bug 1179434 for CVE-2020-29373",
"url": "https://bugzilla.suse.com/1179434"
},
{
"category": "external",
"summary": "SUSE Bug 1179779 for CVE-2020-29373",
"url": "https://bugzilla.suse.com/1179779"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "important"
}
],
"title": "CVE-2020-29373"
},
{
"cve": "CVE-2020-29660",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-29660"
}
],
"notes": [
{
"category": "general",
"text": "A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-29660",
"url": "https://www.suse.com/security/cve/CVE-2020-29660"
},
{
"category": "external",
"summary": "SUSE Bug 1179745 for CVE-2020-29660",
"url": "https://bugzilla.suse.com/1179745"
},
{
"category": "external",
"summary": "SUSE Bug 1179877 for CVE-2020-29660",
"url": "https://bugzilla.suse.com/1179877"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "important"
}
],
"title": "CVE-2020-29660"
},
{
"cve": "CVE-2020-29661",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-29661"
}
],
"notes": [
{
"category": "general",
"text": "A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-29661",
"url": "https://www.suse.com/security/cve/CVE-2020-29661"
},
{
"category": "external",
"summary": "SUSE Bug 1179745 for CVE-2020-29661",
"url": "https://bugzilla.suse.com/1179745"
},
{
"category": "external",
"summary": "SUSE Bug 1179877 for CVE-2020-29661",
"url": "https://bugzilla.suse.com/1179877"
},
{
"category": "external",
"summary": "SUSE Bug 1214268 for CVE-2020-29661",
"url": "https://bugzilla.suse.com/1214268"
},
{
"category": "external",
"summary": "SUSE Bug 1218966 for CVE-2020-29661",
"url": "https://bugzilla.suse.com/1218966"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "important"
}
],
"title": "CVE-2020-29661"
},
{
"cve": "CVE-2020-36158",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-36158"
}
],
"notes": [
{
"category": "general",
"text": "mwifiex_cmd_802_11_ad_hoc_start in drivers/net/wireless/marvell/mwifiex/join.c in the Linux kernel through 5.10.4 might allow remote attackers to execute arbitrary code via a long SSID value, aka CID-5c455c5ab332.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-36158",
"url": "https://www.suse.com/security/cve/CVE-2020-36158"
},
{
"category": "external",
"summary": "SUSE Bug 1180559 for CVE-2020-36158",
"url": "https://bugzilla.suse.com/1180559"
},
{
"category": "external",
"summary": "SUSE Bug 1180562 for CVE-2020-36158",
"url": "https://bugzilla.suse.com/1180562"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "important"
}
],
"title": "CVE-2020-36158"
},
{
"cve": "CVE-2020-4788",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-4788"
}
],
"notes": [
{
"category": "general",
"text": "IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-4788",
"url": "https://www.suse.com/security/cve/CVE-2020-4788"
},
{
"category": "external",
"summary": "SUSE Bug 1177666 for CVE-2020-4788",
"url": "https://bugzilla.suse.com/1177666"
},
{
"category": "external",
"summary": "SUSE Bug 1181158 for CVE-2020-4788",
"url": "https://bugzilla.suse.com/1181158"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "moderate"
}
],
"title": "CVE-2020-4788"
},
{
"cve": "CVE-2020-8694",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8694"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient access control in the Linux kernel driver for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8694",
"url": "https://www.suse.com/security/cve/CVE-2020-8694"
},
{
"category": "external",
"summary": "SUSE Bug 1170415 for CVE-2020-8694",
"url": "https://bugzilla.suse.com/1170415"
},
{
"category": "external",
"summary": "SUSE Bug 1170446 for CVE-2020-8694",
"url": "https://bugzilla.suse.com/1170446"
},
{
"category": "external",
"summary": "SUSE Bug 1178591 for CVE-2020-8694",
"url": "https://bugzilla.suse.com/1178591"
},
{
"category": "external",
"summary": "SUSE Bug 1178700 for CVE-2020-8694",
"url": "https://bugzilla.suse.com/1178700"
},
{
"category": "external",
"summary": "SUSE Bug 1179661 for CVE-2020-8694",
"url": "https://bugzilla.suse.com/1179661"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:cluster-md-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:cluster-md-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:dlm-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:gfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-devel-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-rt_debug-extra-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kernel-source-rt-5.3.18-lp152.3.5.1.noarch",
"openSUSE Leap 15.2:kernel-syms-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:kselftests-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:ocfs2-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt-5.3.18-lp152.3.5.1.x86_64",
"openSUSE Leap 15.2:reiserfs-kmp-rt_debug-5.3.18-lp152.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-05T15:16:03Z",
"details": "moderate"
}
],
"title": "CVE-2020-8694"
}
]
}
OPENSUSE-SU-2024:11370-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
sca-patterns-sle12-1.0.8-2.2 on GA media
Severity
Moderate
Notes
Title of the patch: sca-patterns-sle12-1.0.8-2.2 on GA media
Description of the patch: These are all security issues fixed in the sca-patterns-sle12-1.0.8-2.2 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-11370
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
9.8 (Critical)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
7.4 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
28 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "sca-patterns-sle12-1.0.8-2.2 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the sca-patterns-sle12-1.0.8-2.2 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-11370",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_11370-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-0543 page",
"url": "https://www.suse.com/security/cve/CVE-2020-0543/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-0548 page",
"url": "https://www.suse.com/security/cve/CVE-2020-0548/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-12351 page",
"url": "https://www.suse.com/security/cve/CVE-2020-12351/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-1472 page",
"url": "https://www.suse.com/security/cve/CVE-2020-1472/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25705 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25705/"
}
],
"title": "sca-patterns-sle12-1.0.8-2.2 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:11370-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "sca-patterns-sle12-1.0.8-2.2.aarch64",
"product": {
"name": "sca-patterns-sle12-1.0.8-2.2.aarch64",
"product_id": "sca-patterns-sle12-1.0.8-2.2.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "sca-patterns-sle12-1.0.8-2.2.ppc64le",
"product": {
"name": "sca-patterns-sle12-1.0.8-2.2.ppc64le",
"product_id": "sca-patterns-sle12-1.0.8-2.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "sca-patterns-sle12-1.0.8-2.2.s390x",
"product": {
"name": "sca-patterns-sle12-1.0.8-2.2.s390x",
"product_id": "sca-patterns-sle12-1.0.8-2.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "sca-patterns-sle12-1.0.8-2.2.x86_64",
"product": {
"name": "sca-patterns-sle12-1.0.8-2.2.x86_64",
"product_id": "sca-patterns-sle12-1.0.8-2.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "sca-patterns-sle12-1.0.8-2.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.aarch64"
},
"product_reference": "sca-patterns-sle12-1.0.8-2.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sca-patterns-sle12-1.0.8-2.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.ppc64le"
},
"product_reference": "sca-patterns-sle12-1.0.8-2.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sca-patterns-sle12-1.0.8-2.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.s390x"
},
"product_reference": "sca-patterns-sle12-1.0.8-2.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sca-patterns-sle12-1.0.8-2.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.x86_64"
},
"product_reference": "sca-patterns-sle12-1.0.8-2.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-0543",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-0543"
}
],
"notes": [
{
"category": "general",
"text": "Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.aarch64",
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.ppc64le",
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.s390x",
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-0543",
"url": "https://www.suse.com/security/cve/CVE-2020-0543"
},
{
"category": "external",
"summary": "SUSE Bug 1154824 for CVE-2020-0543",
"url": "https://bugzilla.suse.com/1154824"
},
{
"category": "external",
"summary": "SUSE Bug 1172205 for CVE-2020-0543",
"url": "https://bugzilla.suse.com/1172205"
},
{
"category": "external",
"summary": "SUSE Bug 1172206 for CVE-2020-0543",
"url": "https://bugzilla.suse.com/1172206"
},
{
"category": "external",
"summary": "SUSE Bug 1172207 for CVE-2020-0543",
"url": "https://bugzilla.suse.com/1172207"
},
{
"category": "external",
"summary": "SUSE Bug 1172770 for CVE-2020-0543",
"url": "https://bugzilla.suse.com/1172770"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2020-0543",
"url": "https://bugzilla.suse.com/1178658"
},
{
"category": "external",
"summary": "SUSE Bug 1201877 for CVE-2020-0543",
"url": "https://bugzilla.suse.com/1201877"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.aarch64",
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.ppc64le",
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.s390x",
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.aarch64",
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.ppc64le",
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.s390x",
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2020-0543"
},
{
"cve": "CVE-2020-0548",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-0548"
}
],
"notes": [
{
"category": "general",
"text": "Cleanup errors in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.aarch64",
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.ppc64le",
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.s390x",
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-0548",
"url": "https://www.suse.com/security/cve/CVE-2020-0548"
},
{
"category": "external",
"summary": "SUSE Bug 1156353 for CVE-2020-0548",
"url": "https://bugzilla.suse.com/1156353"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.aarch64",
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.ppc64le",
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.s390x",
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.8,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.aarch64",
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.ppc64le",
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.s390x",
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2020-0548"
},
{
"cve": "CVE-2020-12351",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-12351"
}
],
"notes": [
{
"category": "general",
"text": "Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.aarch64",
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.ppc64le",
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.s390x",
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-12351",
"url": "https://www.suse.com/security/cve/CVE-2020-12351"
},
{
"category": "external",
"summary": "SUSE Bug 1177724 for CVE-2020-12351",
"url": "https://bugzilla.suse.com/1177724"
},
{
"category": "external",
"summary": "SUSE Bug 1177729 for CVE-2020-12351",
"url": "https://bugzilla.suse.com/1177729"
},
{
"category": "external",
"summary": "SUSE Bug 1178397 for CVE-2020-12351",
"url": "https://bugzilla.suse.com/1178397"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.aarch64",
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.ppc64le",
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.s390x",
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.aarch64",
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.ppc64le",
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.s390x",
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2020-12351"
},
{
"cve": "CVE-2020-1472",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-1472"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.aarch64",
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.ppc64le",
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.s390x",
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-1472",
"url": "https://www.suse.com/security/cve/CVE-2020-1472"
},
{
"category": "external",
"summary": "SUSE Bug 1176579 for CVE-2020-1472",
"url": "https://bugzilla.suse.com/1176579"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.aarch64",
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.ppc64le",
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.s390x",
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.aarch64",
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.ppc64le",
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.s390x",
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2020-1472"
},
{
"cve": "CVE-2020-25705",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25705"
}
],
"notes": [
{
"category": "general",
"text": "A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well on the Linux Based Products (RUGGEDCOM RM1224: All versions between v5.0 and v6.4, SCALANCE M-800: All versions between v5.0 and v6.4, SCALANCE S615: All versions between v5.0 and v6.4, SCALANCE SC-600: All versions prior to v2.1.3, SCALANCE W1750D: v8.3.0.1, v8.6.0, and v8.7.0, SIMATIC Cloud Connect 7: All versions, SIMATIC MV500 Family: All versions, SIMATIC NET CP 1243-1 (incl. SIPLUS variants): Versions 3.1.39 and later, SIMATIC NET CP 1243-7 LTE EU: Version",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.aarch64",
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.ppc64le",
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.s390x",
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25705",
"url": "https://www.suse.com/security/cve/CVE-2020-25705"
},
{
"category": "external",
"summary": "SUSE Bug 1175721 for CVE-2020-25705",
"url": "https://bugzilla.suse.com/1175721"
},
{
"category": "external",
"summary": "SUSE Bug 1178782 for CVE-2020-25705",
"url": "https://bugzilla.suse.com/1178782"
},
{
"category": "external",
"summary": "SUSE Bug 1178783 for CVE-2020-25705",
"url": "https://bugzilla.suse.com/1178783"
},
{
"category": "external",
"summary": "SUSE Bug 1191790 for CVE-2020-25705",
"url": "https://bugzilla.suse.com/1191790"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.aarch64",
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.ppc64le",
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.s390x",
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.aarch64",
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.ppc64le",
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.s390x",
"openSUSE Tumbleweed:sca-patterns-sle12-1.0.8-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2020-25705"
}
]
}
OPENSUSE-SU-2024:11371-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
sca-patterns-sle15-1.0.8-2.2 on GA media
Severity
Moderate
Notes
Title of the patch: sca-patterns-sle15-1.0.8-2.2 on GA media
Description of the patch: These are all security issues fixed in the sca-patterns-sle15-1.0.8-2.2 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-11371
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
9.8 (Critical)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
7.4 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
28 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "sca-patterns-sle15-1.0.8-2.2 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the sca-patterns-sle15-1.0.8-2.2 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-11371",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_11371-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-0543 page",
"url": "https://www.suse.com/security/cve/CVE-2020-0543/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-0548 page",
"url": "https://www.suse.com/security/cve/CVE-2020-0548/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-12351 page",
"url": "https://www.suse.com/security/cve/CVE-2020-12351/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-1472 page",
"url": "https://www.suse.com/security/cve/CVE-2020-1472/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25705 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25705/"
}
],
"title": "sca-patterns-sle15-1.0.8-2.2 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:11371-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "sca-patterns-sle15-1.0.8-2.2.aarch64",
"product": {
"name": "sca-patterns-sle15-1.0.8-2.2.aarch64",
"product_id": "sca-patterns-sle15-1.0.8-2.2.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "sca-patterns-sle15-1.0.8-2.2.ppc64le",
"product": {
"name": "sca-patterns-sle15-1.0.8-2.2.ppc64le",
"product_id": "sca-patterns-sle15-1.0.8-2.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "sca-patterns-sle15-1.0.8-2.2.s390x",
"product": {
"name": "sca-patterns-sle15-1.0.8-2.2.s390x",
"product_id": "sca-patterns-sle15-1.0.8-2.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "sca-patterns-sle15-1.0.8-2.2.x86_64",
"product": {
"name": "sca-patterns-sle15-1.0.8-2.2.x86_64",
"product_id": "sca-patterns-sle15-1.0.8-2.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "sca-patterns-sle15-1.0.8-2.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.aarch64"
},
"product_reference": "sca-patterns-sle15-1.0.8-2.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sca-patterns-sle15-1.0.8-2.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.ppc64le"
},
"product_reference": "sca-patterns-sle15-1.0.8-2.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sca-patterns-sle15-1.0.8-2.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.s390x"
},
"product_reference": "sca-patterns-sle15-1.0.8-2.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sca-patterns-sle15-1.0.8-2.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.x86_64"
},
"product_reference": "sca-patterns-sle15-1.0.8-2.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-0543",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-0543"
}
],
"notes": [
{
"category": "general",
"text": "Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.aarch64",
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.ppc64le",
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.s390x",
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-0543",
"url": "https://www.suse.com/security/cve/CVE-2020-0543"
},
{
"category": "external",
"summary": "SUSE Bug 1154824 for CVE-2020-0543",
"url": "https://bugzilla.suse.com/1154824"
},
{
"category": "external",
"summary": "SUSE Bug 1172205 for CVE-2020-0543",
"url": "https://bugzilla.suse.com/1172205"
},
{
"category": "external",
"summary": "SUSE Bug 1172206 for CVE-2020-0543",
"url": "https://bugzilla.suse.com/1172206"
},
{
"category": "external",
"summary": "SUSE Bug 1172207 for CVE-2020-0543",
"url": "https://bugzilla.suse.com/1172207"
},
{
"category": "external",
"summary": "SUSE Bug 1172770 for CVE-2020-0543",
"url": "https://bugzilla.suse.com/1172770"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2020-0543",
"url": "https://bugzilla.suse.com/1178658"
},
{
"category": "external",
"summary": "SUSE Bug 1201877 for CVE-2020-0543",
"url": "https://bugzilla.suse.com/1201877"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.aarch64",
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.ppc64le",
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.s390x",
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.aarch64",
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.ppc64le",
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.s390x",
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2020-0543"
},
{
"cve": "CVE-2020-0548",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-0548"
}
],
"notes": [
{
"category": "general",
"text": "Cleanup errors in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.aarch64",
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.ppc64le",
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.s390x",
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-0548",
"url": "https://www.suse.com/security/cve/CVE-2020-0548"
},
{
"category": "external",
"summary": "SUSE Bug 1156353 for CVE-2020-0548",
"url": "https://bugzilla.suse.com/1156353"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.aarch64",
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.ppc64le",
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.s390x",
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.8,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.aarch64",
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.ppc64le",
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.s390x",
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2020-0548"
},
{
"cve": "CVE-2020-12351",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-12351"
}
],
"notes": [
{
"category": "general",
"text": "Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.aarch64",
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.ppc64le",
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.s390x",
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-12351",
"url": "https://www.suse.com/security/cve/CVE-2020-12351"
},
{
"category": "external",
"summary": "SUSE Bug 1177724 for CVE-2020-12351",
"url": "https://bugzilla.suse.com/1177724"
},
{
"category": "external",
"summary": "SUSE Bug 1177729 for CVE-2020-12351",
"url": "https://bugzilla.suse.com/1177729"
},
{
"category": "external",
"summary": "SUSE Bug 1178397 for CVE-2020-12351",
"url": "https://bugzilla.suse.com/1178397"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.aarch64",
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.ppc64le",
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.s390x",
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.aarch64",
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.ppc64le",
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.s390x",
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2020-12351"
},
{
"cve": "CVE-2020-1472",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-1472"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.aarch64",
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.ppc64le",
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.s390x",
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-1472",
"url": "https://www.suse.com/security/cve/CVE-2020-1472"
},
{
"category": "external",
"summary": "SUSE Bug 1176579 for CVE-2020-1472",
"url": "https://bugzilla.suse.com/1176579"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.aarch64",
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.ppc64le",
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.s390x",
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.aarch64",
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.ppc64le",
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.s390x",
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2020-1472"
},
{
"cve": "CVE-2020-25705",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25705"
}
],
"notes": [
{
"category": "general",
"text": "A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well on the Linux Based Products (RUGGEDCOM RM1224: All versions between v5.0 and v6.4, SCALANCE M-800: All versions between v5.0 and v6.4, SCALANCE S615: All versions between v5.0 and v6.4, SCALANCE SC-600: All versions prior to v2.1.3, SCALANCE W1750D: v8.3.0.1, v8.6.0, and v8.7.0, SIMATIC Cloud Connect 7: All versions, SIMATIC MV500 Family: All versions, SIMATIC NET CP 1243-1 (incl. SIPLUS variants): Versions 3.1.39 and later, SIMATIC NET CP 1243-7 LTE EU: Version",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.aarch64",
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.ppc64le",
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.s390x",
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25705",
"url": "https://www.suse.com/security/cve/CVE-2020-25705"
},
{
"category": "external",
"summary": "SUSE Bug 1175721 for CVE-2020-25705",
"url": "https://bugzilla.suse.com/1175721"
},
{
"category": "external",
"summary": "SUSE Bug 1178782 for CVE-2020-25705",
"url": "https://bugzilla.suse.com/1178782"
},
{
"category": "external",
"summary": "SUSE Bug 1178783 for CVE-2020-25705",
"url": "https://bugzilla.suse.com/1178783"
},
{
"category": "external",
"summary": "SUSE Bug 1191790 for CVE-2020-25705",
"url": "https://bugzilla.suse.com/1191790"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.aarch64",
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.ppc64le",
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.s390x",
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.aarch64",
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.ppc64le",
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.s390x",
"openSUSE Tumbleweed:sca-patterns-sle15-1.0.8-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2020-25705"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…