Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2018-3646 (GCVE-0-2018-3646)
Vulnerability from cvelistv5 – Published: 2018-08-14 19:00 – Updated: 2026-05-29 20:10
VLAI
EPSS
Summary
Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis.
Severity
5.6 (Medium)
CWE
- Information Disclosure
Assigner
References
56 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Intel Corporation | Multiple |
Affected:
Multiple
|
Date Public
2018-08-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:50:30.406Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#982149",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/982149"
},
{
"name": "1041451",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041451"
},
{
"name": "GLSA-201810-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201810-06"
},
{
"name": "USN-3741-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3741-2/"
},
{
"name": "RHSA-2018:2393",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2393"
},
{
"name": "USN-3823-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3823-1/"
},
{
"name": "RHSA-2018:2389",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2389"
},
{
"name": "1042004",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1042004"
},
{
"name": "RHSA-2018:2390",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2390"
},
{
"name": "RHSA-2018:2403",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2403"
},
{
"name": "105080",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105080"
},
{
"name": "RHSA-2018:2395",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2395"
},
{
"name": "RHSA-2018:2384",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2384"
},
{
"name": "USN-3740-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3740-2/"
},
{
"name": "FreeBSD-SA-18:09",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-18:09.l1tf.asc"
},
{
"name": "DSA-4274",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4274"
},
{
"name": "FEDORA-2018-1c80fea1cd",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XRFKQWYV2H4BV75CUNGCGE5TNVQCLBGZ/"
},
{
"name": "RHSA-2018:2388",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2388"
},
{
"name": "USN-3741-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3741-1/"
},
{
"name": "RHSA-2018:2603",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2603"
},
{
"name": "RHSA-2018:2402",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2402"
},
{
"name": "20180814 CPU Side-Channel Information Disclosure Vulnerabilities: August 2018",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel"
},
{
"name": "FEDORA-2018-f8cba144ae",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V4UWGORQWCENCIF2BHWUEF2ODBV75QS2/"
},
{
"name": "USN-3742-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3742-2/"
},
{
"name": "RHSA-2018:2404",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2404"
},
{
"name": "USN-3740-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3740-1/"
},
{
"name": "RHSA-2018:2391",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2391"
},
{
"name": "RHSA-2018:2396",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2396"
},
{
"name": "DSA-4279",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4279"
},
{
"name": "RHSA-2018:2392",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2392"
},
{
"name": "[debian-lts-announce] 20180828 [SECURITY] [DLA 1481-1] linux-4.9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00029.html"
},
{
"name": "USN-3742-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3742-1/"
},
{
"name": "RHSA-2018:2602",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2602"
},
{
"name": "[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"
},
{
"name": "RHSA-2018:2394",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2394"
},
{
"name": "RHSA-2018:2387",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2387"
},
{
"name": "USN-3756-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3756-1/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://xenbits.xen.org/xsa/advisory-273.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://foreshadowattack.eu/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180815-0001/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180018"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.lenovo.com/us/en/solutions/LEN-24163"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/support/security/Synology_SA_18_45"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03874en_us"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0010"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2018-0020.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K31300402"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2018-3646",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-29T20:10:26.910599Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-29T20:10:40.370Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Multiple",
"vendor": "Intel Corporation",
"versions": [
{
"status": "affected",
"version": "Multiple"
}
]
}
],
"datePublic": "2018-08-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-15T02:22:59.000Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "VU#982149",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/982149"
},
{
"name": "1041451",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041451"
},
{
"name": "GLSA-201810-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201810-06"
},
{
"name": "USN-3741-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3741-2/"
},
{
"name": "RHSA-2018:2393",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2393"
},
{
"name": "USN-3823-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3823-1/"
},
{
"name": "RHSA-2018:2389",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2389"
},
{
"name": "1042004",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1042004"
},
{
"name": "RHSA-2018:2390",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2390"
},
{
"name": "RHSA-2018:2403",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2403"
},
{
"name": "105080",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105080"
},
{
"name": "RHSA-2018:2395",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2395"
},
{
"name": "RHSA-2018:2384",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2384"
},
{
"name": "USN-3740-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3740-2/"
},
{
"name": "FreeBSD-SA-18:09",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-18:09.l1tf.asc"
},
{
"name": "DSA-4274",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4274"
},
{
"name": "FEDORA-2018-1c80fea1cd",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XRFKQWYV2H4BV75CUNGCGE5TNVQCLBGZ/"
},
{
"name": "RHSA-2018:2388",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2388"
},
{
"name": "USN-3741-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3741-1/"
},
{
"name": "RHSA-2018:2603",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2603"
},
{
"name": "RHSA-2018:2402",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2402"
},
{
"name": "20180814 CPU Side-Channel Information Disclosure Vulnerabilities: August 2018",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel"
},
{
"name": "FEDORA-2018-f8cba144ae",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V4UWGORQWCENCIF2BHWUEF2ODBV75QS2/"
},
{
"name": "USN-3742-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3742-2/"
},
{
"name": "RHSA-2018:2404",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2404"
},
{
"name": "USN-3740-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3740-1/"
},
{
"name": "RHSA-2018:2391",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2391"
},
{
"name": "RHSA-2018:2396",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2396"
},
{
"name": "DSA-4279",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4279"
},
{
"name": "RHSA-2018:2392",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2392"
},
{
"name": "[debian-lts-announce] 20180828 [SECURITY] [DLA 1481-1] linux-4.9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00029.html"
},
{
"name": "USN-3742-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3742-1/"
},
{
"name": "RHSA-2018:2602",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2602"
},
{
"name": "[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"
},
{
"name": "RHSA-2018:2394",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2394"
},
{
"name": "RHSA-2018:2387",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2387"
},
{
"name": "USN-3756-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3756-1/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://xenbits.xen.org/xsa/advisory-273.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://foreshadowattack.eu/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180815-0001/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180018"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.lenovo.com/us/en/solutions/LEN-24163"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/support/security/Synology_SA_18_45"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03874en_us"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0010"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2018-0020.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.f5.com/csp/article/K31300402"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"DATE_PUBLIC": "2018-08-14T00:00:00",
"ID": "CVE-2018-3646",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Multiple",
"version": {
"version_data": [
{
"version_value": "Multiple"
}
]
}
}
]
},
"vendor_name": "Intel Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#982149",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/982149"
},
{
"name": "1041451",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041451"
},
{
"name": "GLSA-201810-06",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201810-06"
},
{
"name": "USN-3741-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3741-2/"
},
{
"name": "RHSA-2018:2393",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2393"
},
{
"name": "USN-3823-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3823-1/"
},
{
"name": "RHSA-2018:2389",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2389"
},
{
"name": "1042004",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1042004"
},
{
"name": "RHSA-2018:2390",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2390"
},
{
"name": "RHSA-2018:2403",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2403"
},
{
"name": "105080",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105080"
},
{
"name": "RHSA-2018:2395",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2395"
},
{
"name": "RHSA-2018:2384",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2384"
},
{
"name": "USN-3740-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3740-2/"
},
{
"name": "FreeBSD-SA-18:09",
"refsource": "FREEBSD",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-18:09.l1tf.asc"
},
{
"name": "DSA-4274",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4274"
},
{
"name": "FEDORA-2018-1c80fea1cd",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XRFKQWYV2H4BV75CUNGCGE5TNVQCLBGZ/"
},
{
"name": "RHSA-2018:2388",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2388"
},
{
"name": "USN-3741-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3741-1/"
},
{
"name": "RHSA-2018:2603",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2603"
},
{
"name": "RHSA-2018:2402",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2402"
},
{
"name": "20180814 CPU Side-Channel Information Disclosure Vulnerabilities: August 2018",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel"
},
{
"name": "FEDORA-2018-f8cba144ae",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V4UWGORQWCENCIF2BHWUEF2ODBV75QS2/"
},
{
"name": "USN-3742-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3742-2/"
},
{
"name": "RHSA-2018:2404",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2404"
},
{
"name": "USN-3740-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3740-1/"
},
{
"name": "RHSA-2018:2391",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2391"
},
{
"name": "RHSA-2018:2396",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2396"
},
{
"name": "DSA-4279",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4279"
},
{
"name": "RHSA-2018:2392",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2392"
},
{
"name": "[debian-lts-announce] 20180828 [SECURITY] [DLA 1481-1] linux-4.9 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00029.html"
},
{
"name": "USN-3742-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3742-1/"
},
{
"name": "RHSA-2018:2602",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2602"
},
{
"name": "[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"
},
{
"name": "RHSA-2018:2394",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2394"
},
{
"name": "RHSA-2018:2387",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2387"
},
{
"name": "USN-3756-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3756-1/"
},
{
"name": "https://www.oracle.com/security-alerts/cpujul2020.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"refsource": "CONFIRM",
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
"refsource": "MISC",
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
"refsource": "CONFIRM",
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "http://xenbits.xen.org/xsa/advisory-273.html",
"refsource": "CONFIRM",
"url": "http://xenbits.xen.org/xsa/advisory-273.html"
},
{
"name": "https://foreshadowattack.eu/",
"refsource": "MISC",
"url": "https://foreshadowattack.eu/"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180815-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180815-0001/"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180018",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180018"
},
{
"name": "http://support.lenovo.com/us/en/solutions/LEN-24163",
"refsource": "CONFIRM",
"url": "http://support.lenovo.com/us/en/solutions/LEN-24163"
},
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en"
},
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html",
"refsource": "CONFIRM",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html"
},
{
"name": "https://www.synology.com/support/security/Synology_SA_18_45",
"refsource": "CONFIRM",
"url": "https://www.synology.com/support/security/Synology_SA_18_45"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03874en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03874en_us"
},
{
"name": "https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault",
"refsource": "CONFIRM",
"url": "https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
},
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0010",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0010"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2018-0020.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2018-0020.html"
},
{
"name": "https://support.f5.com/csp/article/K31300402",
"refsource": "CONFIRM",
"url": "https://support.f5.com/csp/article/K31300402"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2018-3646",
"datePublished": "2018-08-14T19:00:00.000Z",
"dateReserved": "2017-12-28T00:00:00.000Z",
"dateUpdated": "2026-05-29T20:10:40.370Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2018-3646",
"date": "2026-05-30",
"epss": "0.02527",
"percentile": "0.85687"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2018-3646\",\"sourceIdentifier\":\"secure@intel.com\",\"published\":\"2018-08-14T19:29:00.920\",\"lastModified\":\"2026-05-29T21:16:36.407\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis.\"},{\"lang\":\"es\",\"value\":\"Los sistemas con microprocesadores que emplean la ejecuci\u00f3n especulativa y traducciones de direcciones podr\u00eda permitir la divulgaci\u00f3n no autorizada de informaci\u00f3n que reside en la cach\u00e9 de datos L1 a un atacante con acceso de usuario local con privilegios de invitado del sistema operativo mediante un error de p\u00e1gina del terminal y un an\u00e1lisis de canal lateral.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N\",\"baseScore\":5.6,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.1,\"impactScore\":4.0}],\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N\",\"baseScore\":5.6,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.1,\"impactScore\":4.0}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:M/Au:N/C:C/I:N/A:N\",\"baseScore\":4.7,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.4,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:330e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4229DB2-8BBC-49F8-87A8-2E7D56EFD310\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:330m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FEBA7322-4D95-4E70-B6A5-E0D8F1B5D7EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:330um:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0E91F46-D950-4894-BACF-05A70C7C6F7B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:350m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E12B40B-5221-48A6-B2A6-D44CD5636BB0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:370m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6BCB77C9-ABE3-44A0-B377-7D7035E8A11F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:380m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D06639F5-5EE8-44F4-B48A-5694383154DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:380um:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD9662C9-59D3-4B3E-A4DA-4F1EE16FC94B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:390m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"637C3687-FBCC-41A0-BFE6-823BAE45FB92\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:530:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2350A197-193F-4B22-80E8-3275C97C78EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:540:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"734C7A7E-ACCA-4B34-BF38-0FAED988CC6A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:550:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D9ABAFC-B3B5-449D-A48E-2E978563EDE7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:560:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"99019EA0-6576-4CE7-B60A-975D418AA917\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:2100:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E846AEF-751D-40AD-84B5-EFDC9CF23E2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:2100t:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB9DD909-B2AC-46BA-B057-D239D0773CAD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:2102:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"54F5C355-FDFC-4E71-93AA-218389EF10E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:2105:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0A1CA1E-971D-4F67-864E-2E772C1E736B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:2115c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B5F8391-D974-49AC-8550-ADB3FA6C0535\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:2120:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8302BF58-9E54-40DA-BCFE-59CA52C460D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:2120t:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ECCDE9EF-037B-4650-8131-4D57BE141277\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:2125:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47BA9DA8-F690-4E3C-AEF6-6A5C7BAA6F19\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:2130:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB8253DA-9A04-40D6-84C1-C682B4023D4B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:2310e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DAF6D175-85C3-4C72-AD9F-31B47EF43154\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:2310m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A5FC594-2092-4240-9538-235BBE236DD9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:2312m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87D95F00-EA89-4FDE-991C-56636B8E0331\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:2328m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"32C40D38-F7F2-4A48-ADAA-6A8BBD6A1A00\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:2330e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4158561F-8270-42D1-91D8-E063CE7F5505\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:2330m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF0DEA96-0202-41EB-BDC3-24E2FC4415B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:2340ue:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8BACE1C-5D66-4FBC-8F86-30215A623A94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:2348m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CF707146-0D64-4F3A-AE22-956EA1CB32B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:2350m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8118C3F9-0853-4E87-9E65-86E1398B2780\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:2357m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A298501-C4D7-48D4-90F9-15AFA59DED48\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:2365m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FEE1B07B-3D92-4D2D-8667-D902F002277F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:2367m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F05CB19-1059-4C4D-BFD7-9F51A22A4F97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:2370m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5588732F-7F1A-4C24-B35F-30532107FFDE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:2375m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A127DD5D-426D-4F24-A8C5-DC9DAC94B91C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:2377m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"26EE0BBD-3982-4B0F-82F6-D58E077C75DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:3110m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FAEEC918-EA25-4B38-B5C3-85899D3EBE6C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:3115c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"813965F4-3BDA-4478-8E6A-0FD52723B764\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:3120m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C5EA2F4-F3EF-4305-B1A1-92F636ED688F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:3120me:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04384319-EE8C-45B4-8BDD-414502E7C02D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:3130m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C52528CE-4F31-4E5F-8255-E576B20F3043\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:3210:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6C3F422-F865-4160-AA24-1DAFAE63729C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:3217u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D034E7F-4D17-49D7-BDB2-90CB4C709B30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:3217ue:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C18E6B4-E947-403B-80FB-7095420D482B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:3220:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2814CC9F-E027-4C5A-93AF-84EA445E6C12\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:3220t:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24A470C3-AAAA-4A6E-B738-FEB69DB78B9D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:3225:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1236944-4942-40E4-9BA1-029FEAE94BBC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:3227u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"086CAB4B-A10A-4165-BC33-33CADCD23C0F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:3229y:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1A6A1EB-B3AB-4CB4-827E-CCAAD783F8E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:3240:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AAFB6B30-BFB0-4397-9E16-37D1A772E639\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:3240t:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DFCB9D7B-7D0A-435D-8499-C16BE09E19FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:3245:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"64277594-9713-436B-8056-542CFA9F4CFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:3250:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"589BB170-7CBA-4F28-99E3-9242B62E2918\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:3250t:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"91B9C4D9-DA09-4377-9DCD-225857BD9FA7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:4000m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03D0265F-840B-45A1-90BD-9ED8846A9F63\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:4005u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"74BAC0EC-2B38-4553-A399-4BD5483C4753\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:4010u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4477EBA6-F0A7-452B-96E8-BA788370CCA8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:4010y:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1285D817-B5B8-4940-925D-FCDD24810AE6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:4012y:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D289F7B4-27CD-4433-BB45-06AF98A59B7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:4020y:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"00168903-6012-4414-87D1-2EE52AA6D78E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:4025u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6AE8D524-577E-4994-8A4B-D15022C84D7F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:4030u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75977B0B-C44D-43BC-8D7A-AF966CDB1901\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:4030y:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE7F5D52-9F41-49A4-B941-E0D777203FF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:4100e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"52B5B3FD-5BEA-4DE8-B010-55FED1547167\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:4100m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"167B1B04-5823-4038-A019-3975A3B447C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:4100u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6C7A4EA-0B5E-47CD-8924-3B1B60EB4BE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:4102e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1BA096E0-5480-47CB-822B-D11D7E20F69F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:4110e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"30357469-0B8F-4385-A282-2F50181EA442\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:4110m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3BE70772-7796-4594-880A-6AAD046E4D8D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:4112e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A9E2F8D-2974-4833-9EC2-233CEE257C26\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:4120u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17EE3078-454F-48F8-B201-3847DB40D5C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:4130:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE32C500-55C2-41A7-8621-14EBF793BF11\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:4130t:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"52D3DF52-501A-4656-98F1-8DD51D04F31F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:4150:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3EA603AD-6CF1-44B2-876D-6F1C0B7EF2C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:4150t:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09578301-CF39-4C24-951A-535743E277EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:4158u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F4D14AA-7DBF-4B73-BDEF-6248EF5C0F7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:4160:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A65F303-96C8-4884-8D6F-F439B86BA30C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:4160t:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E046105-9DF5-425F-A97E-16081D54613C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:4170:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2987BCF-39E6-49B6-8DEE-963A38F12B07\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:4170t:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7AEDE2B7-9AA2-4A14-8A02-9A2BFF0DDCBF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:4330:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5AD92AD8-033A-4AAD-91E5-CB446CCE9732\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:4330t:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77E0E73A-F1B4-4E70-B9F1-EE97785B8891\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:4330te:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61D6E3CC-79B1-4995-9A76-41683C7F254A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:4340:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F9CEB2B1-BD1A-4B89-8E03-4F90F04A0F0E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:4340te:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FE5773D-3CD1-4E63-8983-E0105C46D185\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:4350:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A7C307A-6576-4A0A-8F4E-0981C9EE2901\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:4350t:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"18B3A53B-902C-46A5-8CE7-B55102703278\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:4360:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AB843479-729A-4E58-8027-0FC586F051AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:4360t:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1AF5A233-1E77-49FD-AC2C-60D185481E28\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:4370:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"18519CF2-B0DA-42DD-8A3E-9084298C210A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:4370t:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"329D5FCF-7EC5-4471-906B-3619A180BD52\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:5005u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DD43EAA-F3A5-4748-9187-A6E6707ACD11\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:5010u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6F3C14D-4BFC-4205-8781-95E6B28C83C1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:5015u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"20942AD8-ADB7-4A50-BDBE-DB36249F4F52\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:5020u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1EC6ED02-134B-4322-AB72-75A0AB22701E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:5157u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FA74EEE-54CC-4F80-B1D3-99F7771335ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:6006u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6B859F7-0373-4ADD-92B3-0FAB42FCF23C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:6098p:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AAC76F31-00A5-4719-AA50-92F773919B3C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:6100:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49996F5A-51B2-4D4E-AE04-E98E093A76CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:6100e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F8406B0-D1E5-4633-B17E-53DC99FE7622\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:6100h:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D49435C-7C33-454B-9F43-9C10F28A28A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:6100t:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D17E1A0F-1150-4899-81BC-BE84E4EF5FA3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:6100te:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EADD98AE-BAB0-440D-AB9F-2D76BE5109E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:6100u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED44A404-8548-4EDC-8928-4094D05A6A38\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:6102e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A6E4AA3-BEBC-4B14-9A52-A8F8B2954D64\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:6157u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2AAD8F0-0D31-4806-8A88-A30E5BE43630\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:6167u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8164EE5F-6ABA-4365-8718-2F98C2E57A0F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:6300:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7110AF9-A407-4EE2-9C46-E5F1E3638E9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:6300t:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A06696D-37F0-427D-BFC5-1606E7441C31\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:6320:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9F8A5FC-5EFE-42EC-A49B-D3A312FB5F6F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:8100:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68A76015-0A05-4EC7-B136-DC13B55D881F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:8350k:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C352DCE8-E8D9-40D3-AFE9-B5FB84F7ED33\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:430m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"54464F6C-9B2D-46BA-AC44-506389F3EE0C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:430um:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8FA11017-EA58-45EE-8408-FCCCF7183643\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:450m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A5098A5-E4E8-47E4-8CD0-F607FF0C0C90\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:460m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"442AD778-D56F-4C30-BBF8-749D6AAC4737\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:470um:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF7D3F31-AF4D-4C50-8590-A763AAC7AF07\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:480m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"445BFC2E-38FA-4130-8550-0866EC4EDA33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:520e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6DC2746-CE41-40C9-8CFA-23231BBCAE77\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:520m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C3A8976-5E4D-490A-A87D-A47D1B2B903C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:520um:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C8535E6-220E-4747-8992-45B6EAFC555C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:540m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7479B49-F484-4DF2-86CB-E52EE89FA238\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:540um:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6D68512-746D-4E95-857B-13A0B6313C5E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:560m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4312BA84-F9A0-4BD4-8438-058E1E7D6C0C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:560um:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"60E52DF5-C713-4BC4-B587-FF6BDA8509CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:580m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"304ADCAC-9E49-42BD-BC92-58D9B2AD52E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:650:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2AB02172-B9A7-4801-88F2-98BF5843184A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:655k:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5141380E-BD18-47C1-A84C-384BA821773D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:660:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1AE6C49E-2359-4E44-9979-7D34F8460E35\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:661:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C004B75F-37AF-4E61-98F3-1B09A7062DDB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:670:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7126D19-C6D9-43CB-8809-647B1A20E7DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:680:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9CC98503-A80A-4114-8BF2-E016659BE84E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:750:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"01E6F4A7-24BE-4AA0-9CDD-84FBC56FE9BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:750s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3821412D-B010-49C4-A7B4-6C5FB6C603B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:760:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A34CA5CC-9EB1-4063-8B9D-3F566C1EFF76\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:2300:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5CEB5D2D-FF54-4BDB-9E9C-8C1B2719FC9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:2310:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6AD5B51A-AEA0-4DA2-BA60-94A2D5605352\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:2320:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F96C6CA0-434D-428F-B629-A971C2937628\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:2380p:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"301AB72A-A6F2-42C8-A931-94EF2271443F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:2390t:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"59414B5A-05B8-49AF-A197-2A31729DDB65\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:2400:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0BFDD380-692F-41D7-996F-F97FC74DC7CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:2400s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49602828-2BFC-4571-9F05-6210FD263DF2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:2405s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87E03978-E16D-4A9B-8AE7-9F4F1171C14A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:2410m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03096A9A-5758-47E6-81E2-BCFE847C41F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:2430m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"150CC865-7975-45EC-BFF7-A94146442BA8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:2435m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C8FA1308-589B-432B-80F9-9A499D083ED5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:2450m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6ED2453E-30E1-4620-BEC5-21B0083449E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:2450p:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FE8DD05-D700-4F89-9B01-D489029DF7A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:2467m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"050957CA-6191-4F9F-9D07-48B342B3B1B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:2500:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DACBF998-8B11-45C7-9017-486AED4FAE6C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:2500k:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9F2F3C4-FC94-414A-A208-913A43D57D75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:2500s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"641152EC-F4B4-4E5E-B396-AC4CAAB805BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:2500t:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4911E332-B8BA-4336-A448-3F70D2BBB147\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:2510e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"330EC403-3174-4543-9BBE-CEC0ABC1575D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:2515e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5EF585D0-507E-491E-9C3B-78EE26F2F070\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:2520m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD00F7C6-6762-4DC9-9F6C-5EAC4ACB1C54\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:2537m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F5D885A-85C4-4A11-B061-61EFF6B6E329\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:2540m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0502B59F-933C-4E25-A2EC-9296B197E139\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:2550k:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"99D9C0A9-2DFF-4760-8FED-AC2DA7968E51\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:2557m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5A1BAEC-18BF-4607-BFB7-48102E75186A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:3210m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D49ED138-F42D-4451-A350-0B2DD5AB9444\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:3230m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5ED91472-90FC-4AC8-96D5-1550A8502411\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:3317u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"57CEEFA6-CEED-4CA3-8DDC-B6601D69FB7C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:3320m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2FD25ECD-0605-4CD7-9DC5-294ACD7EF1B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:3330:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2784E2AF-A5E5-4960-830C-B3EFB84043D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:3330s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9112FA50-5527-4B20-80F5-2DE9E66D09F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:3337u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"73CE4E2E-B2BF-409E-B18C-D67DA810FE9B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:3339y:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2B84D67-0B1D-4B74-BC85-AF8F933D8429\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:3340:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCA05A18-1523-4EED-9D2E-0A258A33F24F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:3340m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C34E70EB-92F0-43F6-8883-FE422BE1A3FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:3340s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78D301F1-20C2-4756-9A90-37F14835CE14\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:3350p:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2EEC8B5-1CAB-4FBE-BBA2-D2FFA3EF9489\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:3360m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA63B803-4D48-42E8-A793-F92ABCB8BFC9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:3380m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"129DB9CB-E878-4856-A954-15FFE1428636\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:3427u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"730DB4AA-FD7D-40C6-8D7F-19937832EF9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:3437u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07E86978-4820-422A-8C7C-FF0697DAED05\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:3439y:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A7A9DB5-F544-4FD8-A9CC-0BD6257516AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:3450:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF813AD9-D296-4915-861C-8DE929E45FE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:3450s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04A65469-083F-40B5-86C5-A2EAE5B2F00A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:3470:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F1AA82E-BD86-40F5-B417-71DF6AF53A37\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:3470s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B71A6DB0-5EB0-4712-8480-CF427F521D33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:3470t:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8223D5A1-ADF1-43C6-AF91-EE5C413BCB37\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:3475s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4DD69605-F52B-4623-921A-983A5A408ECA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:3550:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1D5685F-6FFE-4A6A-9FF8-940C8DA36499\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:3550s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B94062D9-8DDA-4B4A-B3B5-07F71F5B97E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:3570:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3832D0A6-419D-4876-B5C4-920578F713F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:3570k:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1AA5C8A-83A8-4F96-9D7C-7A50ADDB2341\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:3570s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"404E38E6-9EB3-41D0-97A7-DC579688BFB0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:3570t:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"40E4A921-AB28-47B7-B5A3-EB82193D15BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:3610me:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0357E48-2300-47B4-B9E5-9FE813A2FC09\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4200h:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"96CC28B6-57D1-4919-AA55-A262CC16AFE6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4200m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0EB4C54D-1265-425A-B507-E1099844875A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4200u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97362147-3A71-430D-9064-4435D45C3B8C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4200y:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"89212CF3-4E99-4389-94CE-F4211DDCA01B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4202y:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FBEA4DA3-0AFB-4FCE-92DB-5B316775BB17\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4210h:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"611C0A0A-1FA3-42F9-82E8-BFCB71A077DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4210m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36F027D9-DCB4-4A3D-8987-41F2941DBD45\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4210u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E23BCEC9-2BFB-4B41-9A7A-18B1347C6202\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4210y:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4924CE39-A846-4DB4-9547-6322FC5AD6B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4220y:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6C9E2C9A-94A1-456B-90D5-54932DF64C22\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4250u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC04C652-B2D8-4002-A50E-8AFE83204A25\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4258u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10D413F0-CDBC-4A63-B9A7-9E7725BA1E83\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4260u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"754A8826-59F7-4A71-B74B-737BE9C7DE4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4278u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FADB6BDA-6825-489B-AB39-7729BA45DFD8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4288u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7913F57E-E600-4767-AF51-D045E1898E72\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4300m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD3783F4-5A05-45AA-9791-A681011FD78C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4300u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"01E3114D-31D2-4DBF-A664-F4049D8B6266\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4300y:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8EE6578-981D-470C-BB24-4960B3CB1478\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4302y:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3320D50-C5C9-4D75-BF1A-5BB7BCBFE2BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4308u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7EE59839-8EB9-47FE-88E2-F0D54BE787A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4310m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75694A3D-080A-4AA7-97DF-5A5833C9D9F7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4310u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19C5E27D-BBAB-4395-8FC6-8E3D4FB9A1EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4330m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E996176-3DEA-46E6-93B7-9C0DF32B59D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4340m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4417007D-126A-478B-87EA-039D088A4515\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4350u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F78C2825-F6A3-4188-9D25-59EAEC8A7B0A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4360u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF2FA85D-B117-410D-B247-8C5A3479319A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4400e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A041D27-132C-4B15-976F-1750C039A89F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4402e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D495E06-BF2B-4C5A-881D-94C93CD2BA2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4402ec:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C31DFB8-8D8C-47D6-AAFF-BAE829A3D965\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4410e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"088BC395-06D5-4156-85EB-63C4A9552898\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4422e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33A220A2-A6D2-46A7-B168-607400EEDCE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4430:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E79232F-7196-440B-82D4-165885251232\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4430s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED866954-77AB-4CA8-8AED-4252C595FC4D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4440:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"28A1F516-B180-45D4-8EB1-754B7497CB2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4440s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36758A04-64D3-4150-A004-CF042FA31CD9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4460:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E01752E-F1DD-400A-A917-216CAF15B0F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4460s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD47EC58-F776-4F59-8F15-4B208904CF4B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4460t:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D3781F4-2123-4FA1-8AF5-D0D1E6C1A5B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4570:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"94565E35-8A58-4CB6-A489-C796DCB97FC5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4570r:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49964D35-5323-4412-BD54-661630F9A8CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4570s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0A37E7D-1BF6-4A2A-BF52-5F0EC4B4F341\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4570t:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0F66468-87D0-41FC-934B-5924BE2956CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4570te:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E0F93E1-4607-4DF4-AC6E-4B7254D4A8DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4590:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45C0D99E-443E-4AB1-A07A-900A09FE177E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4590s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6D0FD76-C1FB-43D0-8511-FC0BA6DA7960\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4590t:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9DAEE52-09C3-4A09-9958-9D6807B2700B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4670:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B97690D4-E814-4D40-B170-BE56D7AE2C1B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4670k:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"89804F2C-D32D-4444-ABEA-5B241153D096\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4670r:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2AAAAF9C-B29B-4020-BAFF-C87B1A08294A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4670s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ECE60E1E-AB8D-46E4-A779-A54F2D20B5D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4670t:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB958A28-7C9A-4BD0-B002-4E1A65CDB0A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4690:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C27B318-2AC1-423D-B0C8-583BB1800D5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4690k:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E58E3D0-1154-4B13-BA16-67CE67DF0637\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4690s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"32D2ACB3-B906-4944-A021-03C4645965BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:4690t:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8FFF834A-D7F0-4E48-AD3D-DD0BCE6DEC0E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:5200u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E1A41BA-A1D6-484A-BAD2-68DF85598354\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:5250u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11260C9D-69A9-4D81-9CCF-2E116DD75F7C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:5257u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C020F06-FD27-46E3-A48F-3F60F33BB969\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:5287u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03C74F10-6A7F-4F68-8A34-E981E1760DE5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:5300u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24741B98-8D0E-4307-AAEF-A14B2531DCA9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:5350h:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D4FA4BA-4304-4A70-9F86-120F2A3D8148\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:5350u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"367FC8BA-F046-4264-A049-49E933E7698F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:5575r:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE9B68D3-1DFB-4468-85C4-AC13E6CBC111\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:5675c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C966A016-B650-44D9-B8C4-1ED50AB318DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:5675r:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC448FF0-6D3F-4609-864B-4191905EE2B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:6200u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FC246FE-4CA6-4B2D-83C3-D50A386C24A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:6260u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"758A14DB-1BAF-442A-BA7C-5E9C67847BEA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:6267u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61309100-CFA7-4607-A236-8910838AA057\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:6287u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82D76265-7BD0-4C51-AE77-22B22524DE81\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:6300hq:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE38B195-BB8D-4747-881D-E8033760B4C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:6300u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1AA8BE76-168D-48A3-8DF6-E91F44600408\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:6350hq:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B656975-5D71-4712-9820-BDB7BC248AFA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:6360u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA045267-114D-4587-B6D7-E273C28DC9B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:6400:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77018415-E122-406E-896D-1BC6CF790BE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:6400t:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3ADF37F1-546B-4EF0-8DEC-DC3B9F5309FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:6402p:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D7469256-1A64-46FF-8F5A-A8E9E3CF5BE5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:6440eq:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F9069B9-9FE3-4AD5-9A8E-55C0F73BD756\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:6440hq:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4E1C012-3E05-44DB-B6D2-BFD619C034B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:6442eq:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"15D689D6-8594-42F2-8EEF-DCAEBA885A67\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:6500:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6446000-0494-4DC5-ABAA-F20A44546068\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:6500t:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"99B94EEC-6690-45D0-B086-F4A5B25C25CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:6500te:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B767B6E-B3E6-4424-97A6-89A7E7EB0EEB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:6585r:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"832AB3CD-E3A1-4CCB-A210-287973563D0E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:6600:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A26C0CC-68AD-40F5-96B8-87E6C643F6F8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:6600k:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"99C4221A-9994-43B3-9C7A-E13815A50A10\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:6600t:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"20070B1D-B91C-40BA-A9D8-E80170A2933F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:6685r:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A70129C9-371F-4542-A388-C095869E593A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:8250u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6C4DE25F-168A-4C67-8B66-09F61F072BD4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:8350u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"58157F24-D89E-4552-8CE6-2F01E98BD1E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:8400:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC7FFD78-1E1C-4246-BBD3-73FAC06AA46B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:8600k:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45ACBBEA-EC95-4F3E-B585-893DB6D21A0F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:7y75:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7DEC55DF-1950-45E5-A5F2-B5604AFA1CBD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:610e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6A5EC79-1B21-4BB3-8791-73507BC8D4DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:620le:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FCB4AFC3-FE30-4F46-ADC1-D03EB14E757D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:620lm:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0387587-AAB6-4284-8516-4DA3E3582D30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:620m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A238C975-9196-449F-9C15-ABB2E9FD1D06\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:620ue:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F17F4A5-120B-4E00-97C8-8A85841ACBC9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:620um:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2537F047-64C9-4E73-B82C-310253184183\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:640lm:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A55857C-649D-46CE-AEDA-6E553E554FC1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:640m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BA4892D-AFDF-4441-821E-5EBF7F64C9F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:640um:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"327E06A3-7F0E-4498-8811-10C8D15398FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:660lm:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1624E6D6-858E-4085-B0B9-362B819EFD88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:660ue:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"50D61F4A-40F0-477C-8326-7359D3626E77\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:660um:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1455B4DE-7F1C-4CF2-AE02-2EDD20025D62\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:680um:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B215788-860B-46CD-9A08-43AFF98FAEAA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:720qm:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B92FAD5-CA6E-48F7-9613-3A4CE90F5F54\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:740qm:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4EB132B-000C-4A17-AFB3-19F40A73D2CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:820qm:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C4815AE-B635-4545-83C2-5EC4E0128337\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:840qm:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C0046C06-E3E6-4674-A4D1-332DD29D9552\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:860:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C191851-3DC3-41C7-AD89-81F091CCC83A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:860s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"21126922-8E81-47F4-82D4-CBCDDACEC4FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:870:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"209E18B0-BBB5-4C65-B336-44340F7740DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:870s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C867C0B8-91A4-482A-B7DD-54AB9599AE52\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:875k:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"30F03843-8A51-4CE1-BE6C-994BDE3A8F97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:880:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09854948-2657-4261-A32A-0523058F072E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:920:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D13904A5-266D-481C-A42A-734C3823A238\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:920xm:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ACC82FCB-0541-45C4-8B7E-CB612D7F702A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:930:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6C18BD84-5E9C-4C9E-B0AA-2CEB0D7A58C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:940:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F5ABC7E-C4E0-4850-A1E6-07EBCF4A87D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:940xm:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"501E9355-0CDD-4951-BCC3-47962788BCCB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:950:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3D976D9-62F0-43C3-8359-E51E26B6CD87\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:960:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"02AFBCD0-9B4B-4CA3-8FA9-D8B6ECB24894\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:965:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"64ADE9AF-196F-4E0B-BC66-7DE0183F9032\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:970:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C90CCA48-1705-4564-AAF9-271201BD5113\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:975:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B82BAFF-17F5-465C-8032-67D5ECAB2921\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:980:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F694FEC-B97D-4BDA-ADFA-751E8BFB7CD2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:980x:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F831371E-7437-48D7-8281-1F406215041B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:990x:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC4F06B5-615A-464A-A0C4-7AABEE8530CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:2600:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92AF503A-A2B1-4FC3-858B-264049ADF0F8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:2600k:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E702C7EC-B1D9-4BDF-B334-2004CD76B52B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:2600s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E39F31D6-DC4B-46FE-BE5D-EA612D915A96\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:2610ue:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51CB8036-5F36-4CD4-9B3E-D2401F2E64F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:2617m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F9849BA3-3990-4E30-B99B-ADD043314CDA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:2620m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A20FB18A-D3DA-4DE9-BEFF-75B7AB9B9A55\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:2629m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A67CD6F-5E4F-4E69-A2A9-A4033DCE08EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:2630qm:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0A22E92-1EA7-45D9-AC86-EC3D9664C294\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:2635qm:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D7FA2911-6561-47BF-BEE8-DDA31642C346\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:2637m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1FA6CA23-6F2B-44D5-B2DA-4F142BA3E48A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:2640m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F829DED-4D92-401A-BD80-C070DE57FC7C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:2649m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F560575C-FD8E-485D-B50A-572604BBE903\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:2655le:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6ED8C51B-AE59-46DC-85F9-6D3B2891CB3F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:2657m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A38D00A-B9DC-44DF-8247-70355FF9A6EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:2670qm:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"381EFC43-D5D9-4D10-90BE-4C333A9BA074\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:2675qm:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CBEDED18-2755-4C55-A1A1-04B4D5F40276\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:2677m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F04B57EC-0731-40C8-939F-1C686A65A0FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:2700k:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2AB301FB-EB3E-4F5F-868D-5B66CC7E1E6B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:2710qe:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE1D28F9-B135-441B-A9BF-792DD356E374\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:2715qe:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D01CE3E-5C89-4FC0-9097-CAC483ACD441\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:2720qm:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BDD55C4-AFCD-4DF2-921C-DDC1D7556DA3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:2760qm:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F52334F-BE6A-4FD4-9F63-AE9BB017115B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:2820qm:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7C9BCC3-B9A6-4195-BF2F-E7BBCE8DC269\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:2860qm:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A4DFFA7-AA0E-4D7E-97B8-13389FD47D4A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:2920xm:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"707F6671-57AC-4DF4-8024-444502E5C92E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:2960xm:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C1FCE07-F9E8-4B14-95CE-01784D472128\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:3517u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C208711F-FC06-46C8-8849-27054DC1B264\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:3517ue:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25AB8041-F201-4BB3-AAD9-199B06697DF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:3520m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D75C474C-D5EF-42D6-9B2A-A504BEFCB982\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:3537u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F566CD3-3649-492B-B0AB-A107E51675B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:3540m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB9F3D74-AE72-4FC5-83E9-890781AF3093\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:3555le:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E8EA6A7-4AB8-487E-B5DD-9989CC5F1CD8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:3610qe:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF63DDC8-A0C1-482B-92F2-CF6135E8C2A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:3610qm:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C69918C6-7AAD-4AA5-AB72-C275367B1008\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:3612qe:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06155B0B-A5AD-4A82-8C02-D264981687A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:3612qm:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F76C19A4-FA26-432A-9443-9F92B2A946EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:3615qe:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"99BEE9BE-E49A-489B-B333-95D0993F8FA3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:3615qm:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7427A678-EC47-4030-B905-619DD95F5A82\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:3630qm:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"86749716-1C9F-4C2A-B2A7-E62DEC10EA30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:3632qm:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD000B53-06DA-4ED4-B0EE-9CB201B75C8D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:3635qm:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8424463-C329-4BAA-8AA1-25CD8B63292E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:3667u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"52727E62-0048-4C56-BC8C-B3450D257B21\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:3687u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D8223AA-F077-45FD-A7E3-3C2C1A8F6E91\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:3689y:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FAA34B50-2330-4D77-BF1A-6F05F3EF222C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:3720qm:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6421F69-1076-43D2-B273-DE80FB2D5F72\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:3740qm:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1EDA9E2-CFE7-4917-BE48-A83208BDF0F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:3770:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A34E7FC-93A4-45F2-A7B6-4A8ABFCAB0F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:3770k:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E611EDD-D44C-4311-B681-431D7C574528\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:3770s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5E1B6AA-2F9A-43A8-9147-2BD9474E54C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:3770t:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1886D007-85B6-4E5A-968D-A1FD476A08A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:3820qm:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BDDDCB65-4404-49BC-9515-ECECD58A667F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:3840qm:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B8D3E00-64C3-407A-9B00-8B6E383F73FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:4500u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB1B00A1-9C15-47C2-9F57-66586DEACC7D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:4510u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB5BF932-459F-4DD2-B160-5FE0371C7D83\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:4550u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A58ACE96-F1BE-4261-8F94-FC3C6E7C7561\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:4558u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"783D6EA7-C016-4314-A87B-4FED1DC7114B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:4578u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7AD0176F-FFAE-4A85-9327-CE72FE059E90\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:4600m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A56970C7-F8D3-41B2-A78B-0C7F4A2A4E0A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:4600u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"26D4CE1F-86C8-4E48-9146-9DB57BF540FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:4610m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB7F9D65-5537-4C25-B02B-2393F60D1299\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:4610y:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F09C8A92-820D-4572-A797-180E17A7DEB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:4650u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA7D77A2-0D9A-4D0D-B0DC-152757917BE6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:4700ec:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A07D3F1A-16CE-461F-A2F4-80FE5F841CB3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:4700eq:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C04557A-C508-4FAD-A535-1C0AEFF08075\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:4700hq:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6AFAE489-6679-4705-BF9C-BB6D385A1DC3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:4700mq:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"429A99C8-BC55-4887-893C-7124C1A5DB08\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:4702ec:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3A2B709-CC19-4116-A5BE-5DB5C8B45A12\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:4702hq:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D79DAC74-1F28-4EC8-B417-3FAFFB74C4BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:4702mq:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F1F1377-6220-43FB-BEF9-BAA7B0158147\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:4710hq:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"18422CA8-3000-46B1-9065-2369E6B0BE16\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:4710mq:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D558C66-E80E-4FC7-A0DF-485466390C46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:4712hq:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E23EA9AE-9E70-47B5-AD9B-0DF13A0939E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:4712mq:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"860F22F6-4C87-47C5-965E-02A1AFF41A72\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:4720hq:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19A2CA86-BFA8-4C78-987D-AD26F32622F7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:4722hq:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EEF64E0A-CDB0-427E-A96F-095EFEBA0A3D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:4750hq:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"425F6D34-EE60-464B-8EA6-8116EDAA1219\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:4760hq:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CEB9F657-1239-4424-A2E8-F8BD98C0095E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:4765t:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F631403C-0A67-42CB-815C-133EB87E0C95\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:4770:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A4A5A57-B1A2-4BBA-AC36-7EA7DF9CDE06\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:4770hq:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0453C0EA-BA67-49D5-964F-35493F97D905\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:4770k:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D4D237E-ACB7-4382-AF5B-D27E634BF867\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:4770r:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5461EB2-2958-4923-86AF-C74D449120B5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:4770s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45C22141-E698-4E38-AF50-9CE04C1168FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:4770t:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49D0E470-427D-4A68-AFD2-982A4F7CE2D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:4770te:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"43AB50F3-14AC-44BD-B7F0-A683C5FD1A3F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:4771:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"713C4B7A-C38A-4818-A258-D07DEDEC906E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:4785t:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C59740BE-FC30-4400-B978-1DB41282971C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:4790:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"839728F0-5F23-462F-B493-C37EE4C874F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:4790k:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F1B47DA-BA53-4D7A-9B5B-582238D5E99A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:4790s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D452F1BF-1FA5-463C-8F13-6357509FB5D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:4790t:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF6D1F4C-B396-468C-BA32-9367A68C95DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:4800mq:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B76A812F-D77A-49C8-B7A5-0C08258D4BBD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:4810mq:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E001AAB-07EC-47BF-BDE9-BB927872781D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:4850hq:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1DF11F5-61E8-4A98-86C8-49D6B3224FCC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:4860hq:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AED153E7-99A2-4C02-B81B-C3DDF8FAE1A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:4870hq:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D024802A-EA60-4D9B-B04C-027A0703EABD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:4900mq:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA731F3C-1F04-4EE2-83EC-9486F5032903\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:4910mq:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"544A59F6-E731-43C8-8455-69256933E71D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:4950hq:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"624258EE-7FFF-4432-9B6D-4D60AA73CD9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:4960hq:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"69A2701A-35A8-4268-B9CF-40BA3219373B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:4980hq:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"15E671F6-8DED-4735-BE97-58A60E5B5C13\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:5500u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3FC68B2A-8570-4311-BB60-49DBBDAF7430\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:5550u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9826FA02-937E-4323-B9D5-8AE059ADBE95\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:5557u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B8630BB-48AA-4688-A6F0-212C1BB4D14C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:5600u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9AC98D35-D7D5-4C24-B47E-EDE2A80B2B9E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:5650u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2F8ABCB-12C3-4C45-844E-B07F77DA2DE9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:5700eq:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"326105AC-3926-437E-8AFF-916960107050\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:5700hq:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"866E1275-7541-4B80-8FDF-53246A204C15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:5750hq:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E190929D-D3CC-46E1-A903-0848829061DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:5775c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"81E4EBCB-B660-4F6A-AD73-81B9D8964162\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:5775r:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55D58CC5-CB46-464D-93B8-6AD5A19AF097\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:5850eq:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16541D3E-EBBD-4D92-96D8-F169733377AE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:5850hq:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F08D257-F570-4D39-A6E8-0F60E55472E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:5950hq:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C20ED667-2BFB-41C7-82BA-9F0C0044DA08\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:7500u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6158ED8A-007E-48B7-99BF-8BA03BF584BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:7560u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DBA7096A-F321-49A0-911A-F9683ABE6E6A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:7567u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A471395-7F8F-4BA5-962D-4D8F271FAB47\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:7600u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9484380-92B9-44DB-8E20-DC8DE02D1CA6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:7660u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8010808D-805D-4CA3-9EA2-55EB1E57964C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:7700:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9716FE9F-A056-42A3-A241-F2FE37A6386A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:7700hq:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F73422A3-ECA0-4C41-9AA5-CF7D77885CF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:7700k:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A96A5AF-C9EF-4DED-AE25-4540A2B02915\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:7700t:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5115B12-053A-4866-A833-D6EC88D8F93E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:7820eq:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5619D4D-9685-4595-8A5F-A18273FE4213\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:7820hk:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B77E00E7-0EA4-4E32-A693-0E0F66BA4C57\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:7820hq:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DAA3457E-7E1A-4878-9752-79382E954A66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:7920hq:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68630C63-4457-4E12-B7BD-AD456B237FC5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:8550u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6FB5695-2950-4CEC-81B4-FD280F835330\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:8650u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F340AF8-508F-449D-9AFA-4E55F069B4F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:8700:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E944410E-D674-4141-B50C-9F55090325FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:8700k:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6438E07-0AC0-4BF9-B0F2-9072CA9639D6\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_m:5y10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5079AA70-C864-4AE2-809C-52B50632F2B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_m:5y10a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D124BCB-D8C3-49F5-B05C-E09B3CEBEBCD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_m:5y10c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A86291B-C986-4320-BCEF-9F5AD8B309D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_m:5y31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1227659F-1393-4189-978B-CC3DC53BF407\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_m:5y51:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C2DB843-638F-41EF-B486-409318AA2DE9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_m:5y70:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0004D8A-A186-4DA2-A7AB-18A6456438FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_m:5y71:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75B6BE9F-F113-4976-951D-53F2E183A95A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_m3:6y30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEB005F1-9719-4985-B9D9-2140C962ADD1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_m3:7y30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A94D0C1B-F30F-4724-915E-192C53FAE58A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_m3:7y32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F247860-1D2C-415C-AFBD-26BD875AAF02\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_m5:6y54:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9697EDCD-A742-4AC6-876E-1080AD684207\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_m5:6y57:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E73924A-875B-44D0-8F7C-A822B0488126\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_m7:6y75:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03751B92-EE07-4F16-A476-BD25561810BC\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DAF71B61-A595-476B-B949-1A0FBDB360A6\"}]}]}],\"references\":[{\"url\":\"http://support.lenovo.com/us/en/solutions/LEN-24163\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/105080\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1041451\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1042004\",\"source\":\"secure@intel.com\"},{\"url\":\"http://www.vmware.com/security/advisories/VMSA-2018-0020.html\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://xenbits.xen.org/xsa/advisory-273.html\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2384\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2387\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2388\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2389\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2390\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2391\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2392\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2393\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2394\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2395\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2396\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2402\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2403\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2404\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2602\",\"source\":\"secure@intel.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2603\",\"source\":\"secure@intel.com\"},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf\",\"source\":\"secure@intel.com\"},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf\",\"source\":\"secure@intel.com\"},{\"url\":\"https://foreshadowattack.eu/\",\"source\":\"secure@intel.com\",\"tags\":[\"Technical Description\",\"Third Party Advisory\"]},{\"url\":\"https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0\",\"source\":\"secure@intel.com\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2018/08/msg00029.html\",\"source\":\"secure@intel.com\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html\",\"source\":\"secure@intel.com\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V4UWGORQWCENCIF2BHWUEF2ODBV75QS2/\",\"source\":\"secure@intel.com\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XRFKQWYV2H4BV75CUNGCGE5TNVQCLBGZ/\",\"source\":\"secure@intel.com\"},{\"url\":\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180018\",\"source\":\"secure@intel.com\"},{\"url\":\"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0010\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.FreeBSD.org/advisories/FreeBSD-SA-18:09.l1tf.asc\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201810-06\",\"source\":\"secure@intel.com\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20180815-0001/\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault\",\"source\":\"secure@intel.com\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://support.f5.com/csp/article/K31300402\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03874en_us\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3740-1/\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3740-2/\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3741-1/\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3741-2/\",\"source\":\"secure@intel.com\"},{\"url\":\"https://usn.ubuntu.com/3742-1/\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3742-2/\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3756-1/\",\"source\":\"secure@intel.com\"},{\"url\":\"https://usn.ubuntu.com/3823-1/\",\"source\":\"secure@intel.com\"},{\"url\":\"https://www.debian.org/security/2018/dsa-4274\",\"source\":\"secure@intel.com\"},{\"url\":\"https://www.debian.org/security/2018/dsa-4279\",\"source\":\"secure@intel.com\"},{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html\",\"source\":\"secure@intel.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.kb.cert.org/vuls/id/982149\",\"source\":\"secure@intel.com\"},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2020.html\",\"source\":\"secure@intel.com\"},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\",\"source\":\"secure@intel.com\"},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html\",\"source\":\"secure@intel.com\"},{\"url\":\"https://www.synology.com/support/security/Synology_SA_18_45\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://support.lenovo.com/us/en/solutions/LEN-24163\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/105080\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1041451\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1042004\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vmware.com/security/advisories/VMSA-2018-0020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://xenbits.xen.org/xsa/advisory-273.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2384\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2387\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2388\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2389\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2390\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2391\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2392\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2393\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2394\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2395\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2396\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2402\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2403\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2404\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2602\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2603\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://foreshadowattack.eu/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Technical Description\",\"Third Party Advisory\"]},{\"url\":\"https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2018/08/msg00029.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V4UWGORQWCENCIF2BHWUEF2ODBV75QS2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XRFKQWYV2H4BV75CUNGCGE5TNVQCLBGZ/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180018\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0010\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.FreeBSD.org/advisories/FreeBSD-SA-18:09.l1tf.asc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201810-06\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20180815-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://support.f5.com/csp/article/K31300402\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03874en_us\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3740-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3740-2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3741-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3741-2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://usn.ubuntu.com/3742-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3742-2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3756-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://usn.ubuntu.com/3823-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.debian.org/security/2018/dsa-4274\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.debian.org/security/2018/dsa-4279\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.kb.cert.org/vuls/id/982149\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.synology.com/support/security/Synology_SA_18_45\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.kb.cert.org/vuls/id/982149\", \"name\": \"VU#982149\", \"tags\": [\"third-party-advisory\", \"x_refsource_CERT-VN\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id/1041451\", \"name\": \"1041451\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/201810-06\", \"name\": \"GLSA-201810-06\", \"tags\": [\"vendor-advisory\", \"x_refsource_GENTOO\", \"x_transferred\"]}, {\"url\": \"https://usn.ubuntu.com/3741-2/\", \"name\": \"USN-3741-2\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2393\", \"name\": \"RHSA-2018:2393\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://usn.ubuntu.com/3823-1/\", \"name\": \"USN-3823-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2389\", \"name\": \"RHSA-2018:2389\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id/1042004\", \"name\": \"1042004\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2390\", \"name\": \"RHSA-2018:2390\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2403\", \"name\": \"RHSA-2018:2403\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/bid/105080\", \"name\": \"105080\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2395\", \"name\": \"RHSA-2018:2395\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2384\", \"name\": \"RHSA-2018:2384\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://usn.ubuntu.com/3740-2/\", \"name\": \"USN-3740-2\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"https://security.FreeBSD.org/advisories/FreeBSD-SA-18:09.l1tf.asc\", \"name\": \"FreeBSD-SA-18:09\", \"tags\": [\"vendor-advisory\", \"x_refsource_FREEBSD\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2018/dsa-4274\", \"name\": \"DSA-4274\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XRFKQWYV2H4BV75CUNGCGE5TNVQCLBGZ/\", \"name\": \"FEDORA-2018-1c80fea1cd\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2388\", \"name\": \"RHSA-2018:2388\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://usn.ubuntu.com/3741-1/\", \"name\": \"USN-3741-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2603\", \"name\": \"RHSA-2018:2603\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2402\", \"name\": \"RHSA-2018:2402\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel\", \"name\": \"20180814 CPU Side-Channel Information Disclosure Vulnerabilities: August 2018\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V4UWGORQWCENCIF2BHWUEF2ODBV75QS2/\", \"name\": \"FEDORA-2018-f8cba144ae\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\", \"x_transferred\"]}, {\"url\": \"https://usn.ubuntu.com/3742-2/\", \"name\": \"USN-3742-2\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2404\", \"name\": \"RHSA-2018:2404\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://usn.ubuntu.com/3740-1/\", \"name\": \"USN-3740-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2391\", \"name\": \"RHSA-2018:2391\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2396\", \"name\": \"RHSA-2018:2396\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2018/dsa-4279\", \"name\": \"DSA-4279\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2392\", \"name\": \"RHSA-2018:2392\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2018/08/msg00029.html\", \"name\": \"[debian-lts-announce] 20180828 [SECURITY] [DLA 1481-1] linux-4.9 security update\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"https://usn.ubuntu.com/3742-1/\", \"name\": \"USN-3742-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2602\", \"name\": \"RHSA-2018:2602\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html\", \"name\": \"[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2394\", \"name\": \"RHSA-2018:2394\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2387\", \"name\": \"RHSA-2018:2387\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://usn.ubuntu.com/3756-1/\", \"name\": \"USN-3756-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujul2020.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://xenbits.xen.org/xsa/advisory-273.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://foreshadowattack.eu/\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20180815-0001/\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180018\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://support.lenovo.com/us/en/solutions/LEN-24163\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://www.synology.com/support/security/Synology_SA_18_45\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03874en_us\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0010\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.vmware.com/security/advisories/VMSA-2018-0020.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://support.f5.com/csp/article/K31300402\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-05T04:50:30.406Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 5.6, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2018-3646\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-05-29T20:10:26.910599Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-200\", \"description\": \"CWE-200 Exposure of Sensitive Information to an Unauthorized Actor\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-05-29T20:10:24.016Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"Intel Corporation\", \"product\": \"Multiple\", \"versions\": [{\"status\": \"affected\", \"version\": \"Multiple\"}]}], \"datePublic\": \"2018-08-14T00:00:00.000Z\", \"references\": [{\"url\": \"https://www.kb.cert.org/vuls/id/982149\", \"name\": \"VU#982149\", \"tags\": [\"third-party-advisory\", \"x_refsource_CERT-VN\"]}, {\"url\": \"http://www.securitytracker.com/id/1041451\", \"name\": \"1041451\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"https://security.gentoo.org/glsa/201810-06\", \"name\": \"GLSA-201810-06\", \"tags\": [\"vendor-advisory\", \"x_refsource_GENTOO\"]}, {\"url\": \"https://usn.ubuntu.com/3741-2/\", \"name\": \"USN-3741-2\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2393\", \"name\": \"RHSA-2018:2393\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://usn.ubuntu.com/3823-1/\", \"name\": \"USN-3823-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2389\", \"name\": \"RHSA-2018:2389\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://www.securitytracker.com/id/1042004\", \"name\": \"1042004\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2390\", \"name\": \"RHSA-2018:2390\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2403\", \"name\": \"RHSA-2018:2403\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://www.securityfocus.com/bid/105080\", \"name\": \"105080\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2395\", \"name\": \"RHSA-2018:2395\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2384\", \"name\": \"RHSA-2018:2384\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://usn.ubuntu.com/3740-2/\", \"name\": \"USN-3740-2\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"https://security.FreeBSD.org/advisories/FreeBSD-SA-18:09.l1tf.asc\", \"name\": \"FreeBSD-SA-18:09\", \"tags\": [\"vendor-advisory\", \"x_refsource_FREEBSD\"]}, {\"url\": \"https://www.debian.org/security/2018/dsa-4274\", \"name\": \"DSA-4274\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XRFKQWYV2H4BV75CUNGCGE5TNVQCLBGZ/\", \"name\": \"FEDORA-2018-1c80fea1cd\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2388\", \"name\": \"RHSA-2018:2388\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://usn.ubuntu.com/3741-1/\", \"name\": \"USN-3741-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2603\", \"name\": \"RHSA-2018:2603\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2402\", \"name\": \"RHSA-2018:2402\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel\", \"name\": \"20180814 CPU Side-Channel Information Disclosure Vulnerabilities: August 2018\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V4UWGORQWCENCIF2BHWUEF2ODBV75QS2/\", \"name\": \"FEDORA-2018-f8cba144ae\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\"]}, {\"url\": \"https://usn.ubuntu.com/3742-2/\", \"name\": \"USN-3742-2\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2404\", \"name\": \"RHSA-2018:2404\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://usn.ubuntu.com/3740-1/\", \"name\": \"USN-3740-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2391\", \"name\": \"RHSA-2018:2391\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2396\", \"name\": \"RHSA-2018:2396\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://www.debian.org/security/2018/dsa-4279\", \"name\": \"DSA-4279\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2392\", \"name\": \"RHSA-2018:2392\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2018/08/msg00029.html\", \"name\": \"[debian-lts-announce] 20180828 [SECURITY] [DLA 1481-1] linux-4.9 security update\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"https://usn.ubuntu.com/3742-1/\", \"name\": \"USN-3742-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2602\", \"name\": \"RHSA-2018:2602\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html\", \"name\": \"[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2394\", \"name\": \"RHSA-2018:2394\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2387\", \"name\": \"RHSA-2018:2387\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://usn.ubuntu.com/3756-1/\", \"name\": \"USN-3756-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujul2020.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://xenbits.xen.org/xsa/advisory-273.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://foreshadowattack.eu/\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20180815-0001/\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180018\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://support.lenovo.com/us/en/solutions/LEN-24163\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://www.synology.com/support/security/Synology_SA_18_45\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03874en_us\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0010\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.vmware.com/security/advisories/VMSA-2018-0020.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://support.f5.com/csp/article/K31300402\", \"tags\": [\"x_refsource_CONFIRM\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"Information Disclosure\"}]}], \"providerMetadata\": {\"orgId\": \"6dda929c-bb53-4a77-a76d-48e79601a1ce\", \"shortName\": \"intel\", \"dateUpdated\": \"2020-07-15T02:22:59.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"Multiple\"}]}, \"product_name\": \"Multiple\"}]}, \"vendor_name\": \"Intel Corporation\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://www.kb.cert.org/vuls/id/982149\", \"name\": \"VU#982149\", \"refsource\": \"CERT-VN\"}, {\"url\": \"http://www.securitytracker.com/id/1041451\", \"name\": \"1041451\", \"refsource\": \"SECTRACK\"}, {\"url\": \"https://security.gentoo.org/glsa/201810-06\", \"name\": \"GLSA-201810-06\", \"refsource\": \"GENTOO\"}, {\"url\": \"https://usn.ubuntu.com/3741-2/\", \"name\": \"USN-3741-2\", \"refsource\": \"UBUNTU\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2393\", \"name\": \"RHSA-2018:2393\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://usn.ubuntu.com/3823-1/\", \"name\": \"USN-3823-1\", \"refsource\": \"UBUNTU\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2389\", \"name\": \"RHSA-2018:2389\", \"refsource\": \"REDHAT\"}, {\"url\": \"http://www.securitytracker.com/id/1042004\", \"name\": \"1042004\", \"refsource\": \"SECTRACK\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2390\", \"name\": \"RHSA-2018:2390\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2403\", \"name\": \"RHSA-2018:2403\", \"refsource\": \"REDHAT\"}, {\"url\": \"http://www.securityfocus.com/bid/105080\", \"name\": \"105080\", \"refsource\": \"BID\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2395\", \"name\": \"RHSA-2018:2395\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2384\", \"name\": \"RHSA-2018:2384\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://usn.ubuntu.com/3740-2/\", \"name\": \"USN-3740-2\", \"refsource\": \"UBUNTU\"}, {\"url\": \"https://security.FreeBSD.org/advisories/FreeBSD-SA-18:09.l1tf.asc\", \"name\": \"FreeBSD-SA-18:09\", \"refsource\": \"FREEBSD\"}, {\"url\": \"https://www.debian.org/security/2018/dsa-4274\", \"name\": \"DSA-4274\", \"refsource\": \"DEBIAN\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XRFKQWYV2H4BV75CUNGCGE5TNVQCLBGZ/\", \"name\": \"FEDORA-2018-1c80fea1cd\", \"refsource\": \"FEDORA\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2388\", \"name\": \"RHSA-2018:2388\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://usn.ubuntu.com/3741-1/\", \"name\": \"USN-3741-1\", \"refsource\": \"UBUNTU\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2603\", \"name\": \"RHSA-2018:2603\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2402\", \"name\": \"RHSA-2018:2402\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel\", \"name\": \"20180814 CPU Side-Channel Information Disclosure Vulnerabilities: August 2018\", \"refsource\": \"CISCO\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V4UWGORQWCENCIF2BHWUEF2ODBV75QS2/\", \"name\": \"FEDORA-2018-f8cba144ae\", \"refsource\": \"FEDORA\"}, {\"url\": \"https://usn.ubuntu.com/3742-2/\", \"name\": \"USN-3742-2\", \"refsource\": \"UBUNTU\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2404\", \"name\": \"RHSA-2018:2404\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://usn.ubuntu.com/3740-1/\", \"name\": \"USN-3740-1\", \"refsource\": \"UBUNTU\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2391\", \"name\": \"RHSA-2018:2391\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2396\", \"name\": \"RHSA-2018:2396\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://www.debian.org/security/2018/dsa-4279\", \"name\": \"DSA-4279\", \"refsource\": \"DEBIAN\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2392\", \"name\": \"RHSA-2018:2392\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2018/08/msg00029.html\", \"name\": \"[debian-lts-announce] 20180828 [SECURITY] [DLA 1481-1] linux-4.9 security update\", \"refsource\": \"MLIST\"}, {\"url\": \"https://usn.ubuntu.com/3742-1/\", \"name\": \"USN-3742-1\", \"refsource\": \"UBUNTU\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2602\", \"name\": \"RHSA-2018:2602\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html\", \"name\": \"[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update\", \"refsource\": \"MLIST\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2394\", \"name\": \"RHSA-2018:2394\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2387\", \"name\": \"RHSA-2018:2387\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://usn.ubuntu.com/3756-1/\", \"name\": \"USN-3756-1\", \"refsource\": \"UBUNTU\"}, {\"url\": \"https://www.oracle.com/security-alerts/cpujul2020.html\", \"name\": \"https://www.oracle.com/security-alerts/cpujul2020.html\", \"refsource\": \"MISC\"}, {\"url\": \"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html\", \"name\": \"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\", \"name\": \"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\", \"refsource\": \"MISC\"}, {\"url\": \"https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0\", \"name\": \"https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://xenbits.xen.org/xsa/advisory-273.html\", \"name\": \"http://xenbits.xen.org/xsa/advisory-273.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://foreshadowattack.eu/\", \"name\": \"https://foreshadowattack.eu/\", \"refsource\": \"MISC\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20180815-0001/\", \"name\": \"https://security.netapp.com/advisory/ntap-20180815-0001/\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180018\", \"name\": \"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180018\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://support.lenovo.com/us/en/solutions/LEN-24163\", \"name\": \"http://support.lenovo.com/us/en/solutions/LEN-24163\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en\", \"name\": \"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html\", \"name\": \"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://www.synology.com/support/security/Synology_SA_18_45\", \"name\": \"https://www.synology.com/support/security/Synology_SA_18_45\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf\", \"name\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03874en_us\", \"name\": \"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03874en_us\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault\", \"name\": \"https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf\", \"name\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0010\", \"name\": \"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0010\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.vmware.com/security/advisories/VMSA-2018-0020.html\", \"name\": \"http://www.vmware.com/security/advisories/VMSA-2018-0020.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://support.f5.com/csp/article/K31300402\", \"name\": \"https://support.f5.com/csp/article/K31300402\", \"refsource\": \"CONFIRM\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"Information Disclosure\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2018-3646\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"secure@intel.com\", \"DATE_PUBLIC\": \"2018-08-14T00:00:00\"}}}}",
"cveMetadata": "{\"cveId\": \"CVE-2018-3646\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-05-29T20:10:40.370Z\", \"dateReserved\": \"2017-12-28T00:00:00.000Z\", \"assignerOrgId\": \"6dda929c-bb53-4a77-a76d-48e79601a1ce\", \"datePublished\": \"2018-08-14T19:00:00.000Z\", \"assignerShortName\": \"intel\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
SUSE-SU-2018:2596-1
Vulnerability from csaf_suse - Published: 2018-09-03 15:29 - Updated: 2018-09-03 15:29Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch:
The SUSE Linux Enterprise 12 SP3 RT kernel was updated to 4.4.147 to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2017-18344: The timer_create syscall implementation in kernel/time/posix-timers.c didn't properly validate the sigevent->sigev_notify field, which leads to out-of-bounds access in the show_timer function (called when /proc/$PID/timers is read). This allowed userspace applications to read arbitrary kernel memory (on a kernel built with CONFIG_POSIX_TIMERS and CONFIG_CHECKPOINT_RESTORE) (bnc#1102851 bsc#1103580).
- CVE-2018-10876: A flaw was found in the ext4 filesystem code. A use-after-free was possible in ext4_ext_remove_space() function when mounting and operating a crafted ext4 image. (bnc#1099811)
- CVE-2018-10877: The ext4 filesystem was vulnerable to an out-of-bound access in the ext4_ext_drop_refs() function when operating on a crafted ext4 filesystem image. (bnc#1099846)
- CVE-2018-10878: A flaw was found in the ext4 filesystem. A local user could cause an out-of-bounds write and a denial of service or unspecified other impact is possible by mounting and operating a crafted ext4 filesystem image. (bnc#1099813)
- CVE-2018-10879: A flaw was found in the ext4 filesystem. A local user could cause a use-after-free in ext4_xattr_set_entry function and a denial of service or unspecified other impact may occur by renaming a file in a crafted ext4 filesystem image. (bnc#1099844)
- CVE-2018-10880: Linux kernel is vulnerable to a stack-out-of-bounds write in the ext4 filesystem code when mounting and writing to a crafted ext4 image in ext4_update_inline_data(). An attacker could use this to cause a system crash and a denial of service. (bnc#1099845)
- CVE-2018-10881: A flaw was found in the ext4 filesystem. A local user can cause an out-of-bound access in ext4_get_group_info function, a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image. (bnc#1099864)
- CVE-2018-10882: A flaw was found in the ext4 filesystem. A local user can cause an out-of-bound write in in fs/jbd2/transaction.c code, a denial of service, and a system crash by unmounting a crafted ext4 filesystem image. (bnc#1099849)
- CVE-2018-10883: A flaw was found in the ext4 filesystem. A local user can cause an out-of-bounds write in jbd2_journal_dirty_metadata(), a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image. (bnc#1099863)
- CVE-2018-14734: drivers/infiniband/core/ucma.c allowed ucma_leave_multicast to access a certain data structure after a cleanup step in ucma_process_join, which allowed attackers to cause a denial of service (use-after-free) (bnc#1103119).
- CVE-2018-3620: Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis (bnc#1087081).
- CVE-2018-3646: Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis (bnc#1089343 bnc#1104365).
- CVE-2018-5390: The Linux kernel could be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service (bnc#1102340).
- CVE-2018-5391 aka 'FragmentSmack': A flaw in the IP packet reassembly could be used by remote attackers to consume lots of CPU time (bnc#1103097).
- CVE-2018-9363: A buffer overflow in bluetooth HID report processing could be used by malicious bluetooth devices to crash the kernel or potentially execute code (bnc#1105292).
The following non-security bugs were fixed:
- acpi / pci: Bail early in acpi_pci_add_bus() if there is no ACPI handle (bnc#1012382).
- Add support for 5,25,50, and 100G to 802.3ad bonding driver (bsc#1096978)
- ahci: Disable LPM on Lenovo 50 series laptops with a too old BIOS (bnc#1012382).
- alsa: emu10k1: add error handling for snd_ctl_add (bnc#1012382).
- alsa: emu10k1: Rate-limit error messages about page errors (bnc#1012382).
- alsa: fm801: add error handling for snd_ctl_add (bnc#1012382).
- alsa: hda/ca0132: fix build failure when a local macro is defined (bnc#1012382).
- alsa: rawmidi: Change resized buffers atomically (bnc#1012382).
- alsa: usb-audio: Apply rate limit to warning messages in URB complete callback (bnc#1012382).
- arc: Fix CONFIG_SWAP (bnc#1012382).
- arc: mm: allow mprotect to make stack mappings executable (bnc#1012382).
- arm64: do not open code page table entry creation (bsc#1102197).
- arm64: kpti: Use early_param for kpti= command-line option (bsc#1102188).
- arm64: Make sure permission updates happen for pmd/pud (bsc#1102197).
- arm: dts: imx6q: Use correct SDMA script for SPI5 core (bnc#1012382).
- arm: fix put_user() for gcc-8 (bnc#1012382).
- asoc: dpcm: fix BE dai not hw_free and shutdown (bnc#1012382).
- asoc: pxa: Fix module autoload for platform drivers (bnc#1012382).
- ath10k: fix rfc1042 header retrieval in QCA4019 with eth decap mode (bnc#1012382).
- ath: Add regulatory mapping for APL13_WORLD (bnc#1012382).
- ath: Add regulatory mapping for APL2_FCCA (bnc#1012382).
- ath: Add regulatory mapping for Bahamas (bnc#1012382).
- ath: Add regulatory mapping for Bermuda (bnc#1012382).
- ath: Add regulatory mapping for ETSI8_WORLD (bnc#1012382).
- ath: Add regulatory mapping for FCC3_ETSIC (bnc#1012382).
- ath: Add regulatory mapping for Serbia (bnc#1012382).
- ath: Add regulatory mapping for Tanzania (bnc#1012382).
- ath: Add regulatory mapping for Uganda (bnc#1012382).
- atm: zatm: Fix potential Spectre v1 (bnc#1012382).
- audit: allow not equal op for audit by executable (bnc#1012382).
- bcache: add backing_request_endio() for bi_end_io (bsc#1064232).
- bcache: add CACHE_SET_IO_DISABLE to struct cache_set flags (bsc#1064232).
- bcache: add io_disable to struct cached_dev (bsc#1064232).
- bcache: add journal statistic (bsc#1076110).
- bcache: Add __printf annotation to __bch_check_keys() (bsc#1064232).
- bcache: add stop_when_cache_set_failed option to backing device (bsc#1064232).
- bcache: add wait_for_kthread_stop() in bch_allocator_thread() (bsc#1064232).
- bcache: Annotate switch fall-through (bsc#1064232).
- bcache: closures: move control bits one bit right (bsc#1076110).
- bcache: correct flash only vols (check all uuids) (bsc#1064232).
- bcache: count backing device I/O error for writeback I/O (bsc#1064232).
- bcache: Fix a compiler warning in bcache_device_init() (bsc#1064232).
- bcache: fix cached_dev->count usage for bch_cache_set_error() (bsc#1064232).
- bcache: fix crashes in duplicate cache device register (bsc#1076110).
- bcache: fix error return value in memory shrink (bsc#1064232).
- bcache: fix high CPU occupancy during journal (bsc#1076110).
- bcache: Fix, improve efficiency of closure_sync() (bsc#1076110).
- bcache: fix inaccurate io state for detached bcache devices (bsc#1064232).
- bcache: fix incorrect sysfs output value of strip size (bsc#1064232).
- bcache: Fix indentation (bsc#1064232).
- bcache: Fix kernel-doc warnings (bsc#1064232).
- bcache: fix misleading error message in bch_count_io_errors() (bsc#1064232).
- bcache: fix using of loop variable in memory shrink (bsc#1064232).
- bcache: fix writeback target calc on large devices (bsc#1076110).
- bcache: fix wrong return value in bch_debug_init() (bsc#1076110).
- bcache: mark closure_sync() __sched (bsc#1076110).
- bcache: move closure debug file into debug directory (bsc#1064232).
- bcache: reduce cache_set devices iteration by devices_max_used (bsc#1064232).
- bcache: Reduce the number of sparse complaints about lock imbalances (bsc#1064232).
- bcache: Remove an unused variable (bsc#1064232).
- bcache: ret IOERR when read meets metadata error (bsc#1076110).
- bcache: return 0 from bch_debug_init() if CONFIG_DEBUG_FS=n (bsc#1064232).
- bcache: set CACHE_SET_IO_DISABLE in bch_cached_dev_error() (bsc#1064232).
- bcache: set dc->io_disable to true in conditional_stop_bcache_device() (bsc#1064232).
- bcache: set error_limit correctly (bsc#1064232).
- bcache: set writeback_rate_update_seconds in range [1, 60] seconds (bsc#1064232).
- bcache: stop bcache device when backing device is offline (bsc#1064232).
- bcache: stop dc->writeback_rate_update properly (bsc#1064232).
- bcache: stop writeback thread after detaching (bsc#1076110).
- bcache: store disk name in struct cache and struct cached_dev (bsc#1064232).
- bcache: Suppress more warnings about set-but-not-used variables (bsc#1064232).
- bcache: use pr_info() to inform duplicated CACHE_SET_IO_DISABLE set (bsc#1064232).
- bcache: Use PTR_ERR_OR_ZERO() (bsc#1076110).
- bcm63xx_enet: correct clock usage (bnc#1012382).
- bcm63xx_enet: do not write to random DMA channel on BCM6345 (bnc#1012382).
- blkcg: simplify statistic accumulation code (bsc#1082979).
- block: copy ioprio in __bio_clone_fast() (bsc#1082653).
- block: do not use interruptible wait anywhere (bnc#1012382).
- block/swim: Fix array bounds check (bsc#1082979).
- bluetooth: btusb: Add a new Realtek 8723DE ID 2ff8:b011 (bnc#1012382).
- bluetooth: hci_qca: Fix 'Sleep inside atomic section' warning (bnc#1012382).
- bpf: fix loading of BPF_MAXINSNS sized programs (bsc#1012382).
- bpf: fix references to free_bpf_prog_info() in comments (bnc#1012382).
- bpf, x64: fix memleak when not converging after image (bsc#1012382).
- brcmfmac: Add support for bcm43364 wireless chipset (bnc#1012382).
- btrfs: add barriers to btrfs_sync_log before log_commit_wait wakeups (bnc#1012382).
- btrfs: Do not remove block group still has pinned down bytes (bsc#1086457).
- btrfs: qgroup: Finish rescan when hit the last leaf of extent tree (bnc#1012382).
- btrfs: quota: Set rescan progress to (u64)-1 if we hit last leaf (git-fixes).
- cachefiles: Fix missing clear of the CACHEFILES_OBJECT_ACTIVE flag (bsc#1099858).
- cachefiles: Fix refcounting bug in backing-file read monitoring (bsc#1099858).
- cachefiles: Wait rather than BUG'ing on 'Unexpected object collision' (bsc#1099858).
- can: ems_usb: Fix memory leak on ems_usb_disconnect() (bnc#1012382).
- can: xilinx_can: fix device dropping off bus on RX overrun (bnc#1012382).
- can: xilinx_can: fix incorrect clear of non-processed interrupts (bnc#1012382).
- can: xilinx_can: fix recovery from error states not being propagated (bnc#1012382).
- can: xilinx_can: fix RX loop if RXNEMP is asserted without RXOK (bnc#1012382).
- can: xilinx_can: fix RX overflow interrupt not being enabled (bnc#1012382).
- can: xilinx_can: keep only 1-2 frames in TX FIFO to fix TX accounting (bnc#1012382).
- cifs: fix bad/NULL ptr dereferencing in SMB2_sess_setup() (bsc#1090123).
- cifs: Fix infinite loop when using hard mount option (bnc#1012382).
- clk: tegra: Fix PLL_U post divider and initial rate on Tegra30 (bnc#1012382).
- compiler, clang: always inline when CONFIG_OPTIMIZE_INLINING is disabled (bnc#1012382).
- compiler, clang: properly override 'inline' for clang (bnc#1012382).
- compiler, clang: suppress warning for unused static inline functions (bnc#1012382).
- compiler-gcc.h: Add __attribute__((gnu_inline)) to all inline declarations (bnc#1012382).
- cpu/hotplug: Add sysfs state interface (bsc#1089343).
- cpu/hotplug: Provide knobs to control SMT (bsc#1089343).
- cpu/hotplug: Split do_cpu_down() (bsc#1089343).
- crypto: authenc - do not leak pointers to authenc keys (bnc#1012382).
- crypto: authencesn - do not leak pointers to authenc keys (bnc#1012382).
- crypto: crypto4xx - fix crypto4xx_build_pdr, crypto4xx_build_sdr leak (bnc#1012382).
- crypto: crypto4xx - remove bad list_del (bnc#1012382).
- crypto: padlock-aes - Fix Nano workaround data corruption (bnc#1012382).
- disable loading f2fs module on PAGE_SIZE > 4KB (bnc#1012382).
- dmaengine: pxa_dma: remove duplicate const qualifier (bnc#1012382).
- dma-iommu: Fix compilation when !CONFIG_IOMMU_DMA (bnc#1012382).
- dm thin metadata: remove needless work from __commit_transaction (bsc#1082979).
- documentation/spec_ctrl: Do some minor cleanups (bnc#1012382).
- drbd: fix access after free (bnc#1012382).
- driver core: Partially revert 'driver core: correct device's shutdown order' (bnc#1012382).
- drm: Add DP PSR2 sink enable bit (bnc#1012382).
- drm/atomic: Handling the case when setting old crtc for plane (bnc#1012382).
- drm/cirrus: Use drm_framebuffer_put to avoid kernel oops in clean-up (bsc#1101822).
- drm/gma500: fix psb_intel_lvds_mode_valid()'s return type (bnc#1012382).
- drm/msm: Fix possible null dereference on failure of get_pages() (bsc#1102394).
- drm/radeon: fix mode_valid's return type (bnc#1012382).
- drm: re-enable error handling (bsc#1103884).
- esp6: fix memleak on error path in esp6_input (git-fixes).
- ext4: add more inode number paranoia checks (bnc#1012382).
- ext4: add more mount time checks of the superblock (bnc#1012382).
- ext4: always check block group bounds in ext4_init_block_bitmap() (bnc#1012382).
- ext4: check for allocation block validity with block group locked (bsc#1104495).
- ext4: check superblock mapped prior to committing (bnc#1012382).
- ext4: clear i_data in ext4_inode_info when removing inline data (bnc#1012382).
- ext4: do not update s_last_mounted of a frozen fs (bsc#1101841).
- ext4: factor out helper ext4_sample_last_mounted() (bsc#1101841).
- ext4: fix check to prevent initializing reserved inodes (bsc#1104319).
- ext4: fix false negatives *and* false positives in ext4_check_descriptors() (bsc#1103445).
- ext4: fix inline data updates with checksums enabled (bsc#1104494).
- ext4: include the illegal physical block in the bad map ext4_error msg (bnc#1012382).
- ext4: make sure bitmaps and the inode table do not overlap with bg descriptors (bnc#1012382).
- ext4: only look at the bg_flags field if it is valid (bnc#1012382).
- ext4: verify the depth of extent tree in ext4_find_extent() (bnc#1012382).
- f2fs: fix to do not trigger writeback during recovery (bnc#1012382).
- fat: fix memory allocation failure handling of match_strdup() (bnc#1012382).
- fscache: Allow cancelled operations to be enqueued (bsc#1099858).
- fscache: Fix reference overput in fscache_attach_object() error handling (bsc#1099858).
- genirq: Make force irq threading setup more robust (bsc#1082979).
- hid: debug: check length before copy_to_user() (bnc#1012382).
- hid: hiddev: fix potential Spectre v1 (bnc#1012382).
- hid: hid-plantronics: Re-resend Update to map button for PTT products (bnc#1012382).
- hid: i2c-hid: check if device is there before really probing (bnc#1012382).
- hid: i2c-hid: Fix 'incomplete report' noise (bnc#1012382).
- hid: usbhid: add quirk for innomedia INNEX GENESIS/ATARI adapter (bnc#1012382).
- hvc_opal: do not set tb_ticks_per_usec in udbg_init_opal_common() (bnc#1012382).
- i2c: imx: Fix reinit_completion() use (bnc#1012382).
- i2c: rcar: fix resume by always initializing registers before transfer (bnc#1012382).
- ib/isert: fix T10-pi check mask setting (bsc#1082979).
- ibmasm: do not write out of bounds in read handler (bnc#1012382).
- ibmvnic: Fix error recovery on login failure (bsc#1101789).
- ibmvnic: Remove code to request error information (bsc#1104174).
- ibmvnic: Revise RX/TX queue error messages (bsc#1101331).
- ibmvnic: Update firmware error reporting with cause string (bsc#1104174).
- inet: frag: enforce memory limits earlier (bnc#1012382 bsc#970506).
- input: elan_i2c - add ACPI ID for lenovo ideapad 330 (bnc#1012382).
- input: elan_i2c - add another ACPI ID for Lenovo Ideapad 330-15AST (bnc#1012382).
- input: i8042 - add Lenovo LaVie Z to the i8042 reset list (bnc#1012382).
- ipconfig: Correctly initialise ic_nameservers (bnc#1012382).
- ip: hash fragments consistently (bnc#1012382).
- ip: in cmsg IP(V6)_ORIGDSTADDR call pskb_may_pull (bnc#1012382).
- ipv4: Fix error return value in fib_convert_metrics() (bnc#1012382).
- ipv4: remove BUG_ON() from fib_compute_spec_dst (bnc#1012382).
- ipv4: Return EINVAL when ping_group_range sysctl does not map to user ns (bnc#1012382).
- ipv6: fix useless rol32 call on hash (bnc#1012382).
- iw_cxgb4: correctly enforce the max reg_mr depth (bnc#1012382).
- iwlwifi: pcie: fix race in Rx buffer allocator (bnc#1012382).
- jbd2: do not mark block as modified if the handle is out of credits (bnc#1012382).
- kabi protect includes in include/linux/inet.h (bsc#1095643).
- KABI protect net/core/utils.c includes (bsc#1095643).
- kABI: protect struct loop_device (kabi).
- kABI: reexport tcp_send_ack (kabi).
- kABI: reintroduce __static_cpu_has_safe (kabi).
- kabi/severities: add 'drivers/md/bcache/* PASS' since no one uses symboles expoted by bcache.
- kbuild: fix # escaping in .cmd files for future Make (bnc#1012382).
- KEYS: DNS: fix parsing multiple options (bnc#1012382).
- kmod: fix wait on recursive loop (bsc#1099792).
- kmod: reduce atomic operations on kmod_concurrent and simplify (bsc#1099792).
- kmod: throttle kmod thread limit (bsc#1099792).
- kprobes/x86: Do not modify singlestep buffer while resuming (bnc#1012382).
- kthread, tracing: Do not expose half-written comm when creating kthreads (bsc#1104897).
- kvm: arm/arm64: Drop resource size check for GICV window (bsc#1102215).
- kvm: arm/arm64: Set dist->spis to NULL after kfree (bsc#1102214).
- kvm/Eventfd: Avoid crash when assign and deassign specific eventfd in parallel (bnc#1012382).
- kvm: x86: vmx: fix vpid leak (bnc#1012382).
- libata: do not try to pass through NCQ commands to non-NCQ devices (bsc#1082979).
- libata: Fix command retry decision (bnc#1012382).
- lib/rhashtable: consider param->min_size when setting initial table size (bnc#1012382).
- loop: add recursion validation to LOOP_CHANGE_FD (bnc#1012382).
- loop: remember whether sysfs_create_group() was done (bnc#1012382).
- md: fix NULL dereference of mddev->pers in remove_and_add_spares() (bnc#1012382).
- media: cx25840: Use subdev host data for PLL override (bnc#1012382).
- media: omap3isp: fix unbalanced dma_iommu_mapping (bnc#1012382).
- media: rcar_jpu: Add missing clk_disable_unprepare() on error in jpu_open() (bnc#1012382).
- media: saa7164: Fix driver name in debug output (bnc#1012382).
- media: si470x: fix __be16 annotations (bnc#1012382).
- media: siano: get rid of __le32/__le16 cast warnings (bnc#1012382).
- media: videobuf2-core: do not call memop 'finish' when queueing (bnc#1012382).
- memory: tegra: Apply interrupts mask per SoC (bnc#1012382).
- memory: tegra: Do not handle spurious interrupts (bnc#1012382).
- mfd: cros_ec: Fail early if we cannot identify the EC (bnc#1012382).
- microblaze: Fix simpleImage format generation (bnc#1012382).
- mmc: dw_mmc: fix card threshold control configuration (bsc#1102203).
- mm: check VMA flags to avoid invalid PROT_NONE NUMA balancing (bsc#1097771).
- mm: hugetlb: yield when prepping struct pages (bnc#1012382).
- mm: memcg: fix use after free in mem_cgroup_iter() (bnc#1012382).
- mm/slub.c: add __printf verification to slab_err() (bnc#1012382).
- mm: vmalloc: avoid racy handling of debugobjects in vunmap (bnc#1012382).
- mtd: cfi_cmdset_0002: Change definition naming to retry write operation (bnc#1012382).
- mtd: cfi_cmdset_0002: Change erase functions to check chip good only (bnc#1012382).
- mtd: cfi_cmdset_0002: Change erase functions to retry for error (bnc#1012382).
- mtd: rawnand: fsl_ifc: fix FSL NAND driver to read all ONFI parameter pages (bnc#1012382).
- mtd: rawnand: mxc: set spare area size register explicitly (bnc#1012382).
- mtd: ubi: wl: Fix error return code in ubi_wl_init() (git-fixes).
- mwifiex: correct histogram data with appropriate index (bnc#1012382).
- mwifiex: handle race during mwifiex_usb_disconnect (bnc#1012382).
- net: cxgb3_main: fix potential Spectre v1 (bnc#1012382).
- net: dccp: avoid crash in ccid3_hc_rx_send_feedback() (bnc#1012382).
- net: dccp: switch rx_tstamp_last_feedback to monotonic clock (bnc#1012382).
- net: Do not copy pfmemalloc flag in __copy_skb_header() (bnc#1012382).
- net: dsa: Do not suspend/resume closed slave_dev (bnc#1012382).
- netfilter: ebtables: reject non-bridge targets (bnc#1012382).
- netfilter: ipset: List timing out entries with 'timeout 1' instead of zero (bnc#1012382).
- netfilter: ipvs: do not create conn for ABORT packet in sctp_conn_schedule (bsc#1102797).
- netfilter: ipvs: fix the issue that sctp_conn_schedule drops non-INIT packet (bsc#1102797).
- netfilter: nf_log: do not hold nf_log_mutex during user access (bnc#1012382).
- netfilter: nf_queue: augment nfqa_cfg_policy (bnc#1012382).
- netfilter: nf_tables: use WARN_ON_ONCE instead of BUG_ON in nft_do_chain() (bnc#1012382).
- netfilter: x_tables: initialise match/target check parameter struct (bnc#1012382).
- net: fix amd-xgbe flow-control issue (bnc#1012382).
- net/ipv4: Set oif in fib_compute_spec_dst (bnc#1012382).
- net: lan78xx: fix rx handling before first packet is send (bnc#1012382).
- netlink: Do not shift on 64 for ngroups (bnc#1012382).
- netlink: Do not shift with UB on nlk->ngroups (bnc#1012382).
- netlink: Do not subscribe to non-existent groups (bnc#1012382).
- netlink: Fix spectre v1 gadget in netlink_create() (bnc#1012382).
- net/mlx4_core: Save the qpn from the input modifier in RST2INIT wrapper (bnc#1012382).
- net/mlx5: Fix command interface race in polling mode (bnc#1012382).
- net/mlx5: Fix incorrect raw command length parsing (bnc#1012382).
- net: mvneta: fix the Rx desc DMA address in the Rx path (bsc#1102207).
- net/nfc: Avoid stalls when nfc_alloc_send_skb() returned NULL (bnc#1012382).
- net: off by one in inet6_pton() (bsc#1095643).
- net: phy: fix flag masking in __set_phy_supported (bnc#1012382).
- net: phy: marvell: Use strlcpy() for ethtool::get_strings (bsc#1102205).
- net_sched: blackhole: tell upper qdisc about dropped packets (bnc#1012382).
- net: socket: fix potential spectre v1 gadget in socketcall (bnc#1012382).
- net: stmmac: align DMA stuff to largest cache line length (bnc#1012382).
- net: sungem: fix rx checksum support (bnc#1012382).
- net/utils: generic inet_pton_with_scope helper (bsc#1095643).
- net: vmxnet3: use new api ethtool_{get|set}_link_ksettings (bsc#1091860 bsc#1098253).
- nfsd: fix potential use-after-free in nfsd4_decode_getdeviceinfo (bnc#1012382).
- nohz: Fix local_timer_softirq_pending() (bnc#1012382).
- n_tty: Access echo_* variables carefully (bnc#1012382).
- n_tty: Fix stall at n_tty_receive_char_special() (bnc#1012382).
- null_blk: use sector_div instead of do_div (bsc#1082979).
- nvme-pci: initialize queue memory before interrupts (bnc#1012382).
- nvme-rdma: Check remotely invalidated rkey matches our expected rkey (bsc#1092001).
- nvme-rdma: default MR page size to 4k (bsc#1092001).
- nvme-rdma: do not complete requests before a send work request has completed (bsc#1092001).
- nvme-rdma: do not suppress send completions (bsc#1092001).
- nvme-rdma: Fix command completion race at error recovery (bsc#1090435).
- nvme-rdma: make nvme_rdma_[create|destroy]_queue_ib symmetrical (bsc#1092001).
- nvme-rdma: use inet_pton_with_scope helper (bsc#1095643).
- nvme-rdma: Use mr pool (bsc#1092001).
- nvme-rdma: wait for local invalidation before completing a request (bsc#1092001).
- ocfs2: subsystem.su_mutex is required while accessing the item->ci_parent (bnc#1012382).
- pci: ibmphp: Fix use-before-set in get_max_bus_speed() (bsc#1100132).
- pci: pciehp: Request control of native hotplug only if supported (bnc#1012382).
- pci: Prevent sysfs disable of device while driver is attached (bnc#1012382).
- perf: fix invalid bit in diagnostic entry (bnc#1012382).
- perf tools: Move syscall number fallbacks from perf-sys.h to tools/arch/x86/include/asm/ (bnc#1012382).
- perf/x86/intel/uncore: Correct fixed counter index check for NHM (bnc#1012382).
- perf/x86/intel/uncore: Correct fixed counter index check in generic code (bnc#1012382).
- pinctrl: at91-pio4: add missing of_node_put (bnc#1012382).
- pm / hibernate: Fix oops at snapshot_write() (bnc#1012382).
- powerpc/32: Add a missing include header (bnc#1012382).
- powerpc/64: Initialise thread_info for emergency stacks (bsc#1094244, bsc#1100930, bsc#1102683).
- powerpc/64s: Fix compiler store ordering to SLB shadow area (bnc#1012382).
- powerpc/8xx: fix invalid register expression in head_8xx.S (bnc#1012382).
- powerpc/chrp/time: Make some functions static, add missing header include (bnc#1012382).
- powerpc/embedded6xx/hlwd-pic: Prevent interrupts from being handled by Starlet (bnc#1012382).
- powerpc/fadump: handle crash memory ranges array index overflow (bsc#1103269).
- powerpc/fadump: merge adjacent memory ranges to reduce PT_LOAD segements (bsc#1103269).
- powerpc/powermac: Add missing prototype for note_bootable_part() (bnc#1012382).
- powerpc/powermac: Mark variable x as unused (bnc#1012382).
- provide special timeout module parameters for EC2 (bsc#1065364).
- ptp: fix missing break in switch (bnc#1012382).
- qed: Limit msix vectors in kdump kernel to the minimum required count (bnc#1012382).
- r8152: napi hangup fix after disconnect (bnc#1012382).
- random: mix rdrand with entropy sent in from userspace (bnc#1012382).
- rdma/mad: Convert BUG_ONs to error flows (bnc#1012382).
- rdma/ocrdma: Fix an error code in ocrdma_alloc_pd() (bsc#1082979).
- rdma/ocrdma: Fix error codes in ocrdma_create_srq() (bsc#1082979).
- rdma/ucm: Mark UCM interface as BROKEN (bnc#1012382).
- rds: avoid unenecessary cong_update in loop transport (bnc#1012382).
- regulator: pfuze100: add .is_enable() for pfuze100_swb_regulator_ops (bnc#1012382).
- Remove broken patches for dac9063 watchdog (bsc#1100843)
- restore cond_resched() in shrink_dcache_parent() (bsc#1098599).
- Revert 'block-cancel-workqueue-entries-on-blk_mq_freeze_queue' (bsc#1103717)
- Revert 'net: Do not copy pfmemalloc flag in __copy_skb_header()' (kabi).
- Revert 'sit: reload iphdr in ipip6_rcv' (bnc#1012382).
- Revert 'skbuff: Unconditionally copy pfmemalloc in __skb_clone()' (kabi).
- Revert 'x86/cpufeature: Move some of the scattered feature bits to x86_capability' (kabi).
- Revert 'x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6' (kabi).
- Revert 'x86/mm: Give each mm TLB flush generation a unique ID' (kabi).
- Revert 'x86/speculation: Use Indirect Branch Prediction Barrier in context switch' (kabi).
- ring_buffer: tracing: Inherit the tracing setting to next ring buffer (bnc#1012382).
- rsi: Fix 'invalid vdd' warning in mmc (bnc#1012382).
- rtc: ensure rtc_set_alarm fails when alarms are not supported (bnc#1012382).
- rtlwifi: rtl8821ae: fix firmware is not ready to run (bnc#1012382).
- rtnetlink: add rtnl_link_state check in rtnl_configure_link (bnc#1012382).
- s390: Correct register corruption in critical section cleanup (bnc#1012382).
- s390/cpum_sf: Add data entry sizes to sampling trailer entry (bnc#1012382).
- s390/qeth: fix error handling in adapter command callbacks (bnc#1103745, LTC#169699).
- sched/fair: Avoid divide by zero when rebalancing domains (bsc#1096254).
- sched/smt: Update sched_smt_present at runtime (bsc#1089343).
- scsi: 3w-9xxx: fix a missing-check bug (bnc#1012382).
- scsi: 3w-xxxx: fix a missing-check bug (bnc#1012382).
- scsi: megaraid_sas: Increase timeout by 1 sec for non-RAID fastpath IOs (bnc#1012382).
- scsi: megaraid: silence a static checker bug (bnc#1012382).
- scsi: qla2xxx: Fix ISP recovery on unload (bnc#1012382).
- scsi: qla2xxx: Return error when TMF returns (bnc#1012382).
- scsi: qlogicpti: Fix an error handling path in 'qpti_sbus_probe()' (bsc#1082979).
- scsi: scsi_dh: replace too broad 'TP9' string with the exact models (bnc#1012382).
- scsi: sg: fix minor memory leak in error path (bsc#1082979).
- scsi: sg: mitigate read/write abuse (bsc#1101296).
- scsi: target: fix crash with iscsi target and dvd (bsc#1082979).
- scsi: ufs: fix exception event handling (bnc#1012382).
- selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC (bnc#1012382).
- selftest/seccomp: Fix the seccomp(2) signature (bnc#1012382).
- skbuff: Unconditionally copy pfmemalloc in __skb_clone() (bnc#1012382).
- smsc75xx: Add workaround for gigabit link up hardware errata (bsc#1100132).
- smsc95xx: Configure pause time to 0xffff when tx flow control enabled (bsc#1085536).
- squashfs: be more careful about metadata corruption (bnc#1012382).
- squashfs: more metadata hardening (bnc#1012382).
- squashfs: more metadata hardenings (bnc#1012382).
- staging: android: ion: Return an ERR_PTR in ion_map_kernel (bnc#1012382).
- staging: comedi: quatech_daqp_cs: fix no-op loop daqp_ao_insn_write() (bnc#1012382).
- tcp: add max_quickacks param to tcp_incr_quickack and tcp_enter_quickack_mode (bnc#1012382).
- tcp: add one more quick ack after after ECN events (bnc#1012382).
- tcp: do not aggressively quick ack after ECN events (bnc#1012382).
- tcp: do not cancel delay-AcK on DCTCP special ACK (bnc#1012382).
- tcp: do not delay ACK in DCTCP upon CE status change (bnc#1012382).
- tcp: do not force quickack when receiving out-of-order packets (bnc#1012382).
- tcp: fix dctcp delayed ACK schedule (bnc#1012382).
- tcp: fix Fast Open key endianness (bnc#1012382).
- tcp: helpers to send special DCTCP ack (bnc#1012382).
- tcp: prevent bogus FRTO undos with non-SACK flows (bnc#1012382).
- tcp: refactor tcp_ecn_check_ce to remove sk type cast (bnc#1012382).
- tg3: Add higher cpu clock for 5762 (bnc#1012382).
- thermal: exynos: fix setting rising_threshold for Exynos5433 (bnc#1012382).
- tools build: fix # escaping in .cmd files for future Make (bnc#1012382).
- tracing: Fix double free of event_trigger_data (bnc#1012382).
- tracing: Fix missing return symbol in function_graph output (bnc#1012382).
- tracing: Fix possible double free in event_enable_trigger_func() (bnc#1012382).
- tracing/kprobes: Fix trace_probe flags on enable_trace_kprobe() failure (bnc#1012382).
- tracing: Quiet gcc warning about maybe unused link variable (bnc#1012382).
- tty: Fix data race in tty_insert_flip_string_fixed_flag (bnc#1012382).
- turn off -Wattribute-alias (bnc#1012382).
- ubi: Be more paranoid while seaching for the most recent Fastmap (bnc#1012382).
- ubi: fastmap: Correctly handle interrupted erasures in EBA (bnc#1012382).
- ubi: fastmap: Erase outdated anchor PEBs during attach (bnc#1012382).
- ubi: Fix Fastmap's update_vol() (bnc#1012382).
- ubi: Fix races around ubi_refill_pools() (bnc#1012382).
- ubi: Introduce vol_ignored() (bnc#1012382).
- ubi: Rework Fastmap attach base code (bnc#1012382).
- uprobes/x86: Remove incorrect WARN_ON() in uprobe_init_insn() (bnc#1012382).
- usb: cdc_acm: Add quirk for Castles VEGA3000 (bnc#1012382).
- usb: cdc_acm: Add quirk for Uniden UBC125 scanner (bnc#1012382).
- usb: core: handle hub C_PORT_OVER_CURRENT condition (bsc#1100132).
- usb: gadget: f_fs: Only return delayed status when len is 0 (bnc#1012382).
- usb: hub: Do not wait for connect state at resume for powered-off ports (bnc#1012382).
- usbip: usbip_detach: Fix memory, udev context and udev leak (bnc#1012382).
- usb: quirks: add delay quirks for Corsair Strafe (bnc#1012382).
- USB: serial: ch341: fix type promotion bug in ch341_control_in() (bnc#1012382).
- USB: serial: cp210x: add another USB ID for Qivicon ZigBee stick (bnc#1012382).
- USB: serial: cp210x: add CESINEL device ids (bnc#1012382).
- USB: serial: cp210x: add Silicon Labs IDs for Windows Update (bnc#1012382).
- USB: serial: keyspan_pda: fix modem-status error handling (bnc#1012382).
- USB: serial: mos7840: fix status-register error handling (bnc#1012382).
- USB: yurex: fix out-of-bounds uaccess in read handler (bnc#1012382).
- vfio: platform: Fix reset module leak in error path (bsc#1102211).
- vfs: add the sb_start_intwrite_trylock() helper (bsc#1101841).
- vhost_net: validate sock before trying to put its fd (bnc#1012382).
- virtio_balloon: fix another race between migration and ballooning (bnc#1012382).
- vmw_balloon: fix inflation with batching (bnc#1012382).
- vmxnet3: add receive data ring support (bsc#1091860 bsc#1098253).
- vmxnet3: add support for get_coalesce, set_coalesce ethtool operations (bsc#1091860 bsc#1098253).
- vmxnet3: allow variable length transmit data ring buffer (bsc#1091860 bsc#1098253).
- vmxnet3: avoid assumption about invalid dma_pa in vmxnet3_set_mc() (bsc#1091860 bsc#1098253).
- vmxnet3: avoid format strint overflow warning (bsc#1091860 bsc#1098253).
- vmxnet3: avoid xmit reset due to a race in vmxnet3 (bsc#1091860 bsc#1098253).
- vmxnet3: fix incorrect dereference when rxvlan is disabled (bsc#1091860 bsc#1098253).
- vmxnet3: fix non static symbol warning (bsc#1091860 bsc#1098253).
- vmxnet3: fix tx data ring copy for variable size (bsc#1091860 bsc#1098253).
- vmxnet3: increase default rx ring sizes (bsc#1091860 bsc#1098253).
- vmxnet3: introduce command to register memory region (bsc#1091860 bsc#1098253).
- vmxnet3: introduce generalized command interface to configure the device (bsc#1091860 bsc#1098253).
- vmxnet3: prepare for version 3 changes (bsc#1091860 bsc#1098253).
- vmxnet3: remove redundant initialization of pointer 'rq' (bsc#1091860 bsc#1098253).
- vmxnet3: remove unused flag 'rxcsum' from struct vmxnet3_adapter (bsc#1091860 bsc#1098253).
- vmxnet3: Replace msleep(1) with usleep_range() (bsc#1091860 bsc#1098253).
- vmxnet3: set the DMA mask before the first DMA map operation (bsc#1091860 bsc#1098253).
- vmxnet3: update to version 3 (bsc#1091860 bsc#1098253).
- vmxnet3: use correct flag to indicate LRO feature (bsc#1091860 bsc#1098253).
- vmxnet3: use DMA memory barriers where required (bsc#1091860 bsc#1098253).
- wait: add wait_event_killable_timeout() (bsc#1099792).
- watchdog: da9063: Fix setting/changing timeout (bsc#1100843).
- watchdog: da9063: Fix timeout handling during probe (bsc#1100843).
- watchdog: da9063: Fix updating timeout value (bsc#1100843).
- wlcore: sdio: check for valid platform device data before suspend (bnc#1012382).
- x86/alternatives: Add an auxilary section (bnc#1012382).
- x86/alternatives: Discard dynamic check after init (bnc#1012382).
- x86/amd: do not set X86_BUG_SYSRET_SS_ATTRS when running under Xen (bnc#1012382).
- x86/apic: Ignore secondary threads if nosmt=force (bsc#1089343).
- x86/asm: Add _ASM_ARG* constants for argument registers to <asm/asm.h> (bnc#1012382).
- x86/asm/entry/32: Simplify pushes of zeroed pt_regs->REGs (bnc#1012382).
- x86/boot: Simplify kernel load address alignment check (bnc#1012382).
- x86/bugs: Respect nospec command line option (bsc#1068032).
- x86/CPU/AMD: Do not check CPUID max ext level before parsing SMP info (bsc#1089343).
- x86/cpu/AMD: Evaluate smp_num_siblings early (bsc#1089343).
- x86/cpu/AMD: Fix erratum 1076 (CPB bit) (bnc#1012382).
- x86/CPU/AMD: Move TOPOEXT reenablement before reading smp_num_siblings (bsc#1089343). Update config files.
- x86/cpu/AMD: Remove the pointless detect_ht() call (bsc#1089343).
- x86/cpu/common: Provide detect_ht_early() (bsc#1089343).
- x86/cpufeature: Add helper macro for mask check macros (bnc#1012382).
- x86/cpufeature: Carve out X86_FEATURE_* (bnc#1012382).
- x86/cpufeature: Get rid of the non-asm goto variant (bnc#1012382).
- x86/cpufeature: Make sure DISABLED/REQUIRED macros are updated (bnc#1012382).
- x86/cpufeature: Move some of the scattered feature bits to x86_capability (bnc#1012382).
- x86/cpufeature: preserve numbers (kabi).
- x86/cpufeature: Replace the old static_cpu_has() with safe variant (bnc#1012382).
- x86/cpufeatures: Add CPUID_7_EDX CPUID leaf (bnc#1012382).
- x86/cpufeatures: Clean up Spectre v2 related CPUID flags (bnc#1012382).
- x86/cpufeature: Speed up cpu_feature_enabled() (bnc#1012382).
- x86/cpufeature: Update cpufeaure macros (bnc#1012382).
- x86/cpu/intel: Evaluate smp_num_siblings early (bsc#1089343).
- x86/cpu: Make alternative_msr_write work for 32-bit code (bnc#1012382).
- x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6 (bnc#1012382).
- x86/cpu: Provide a config option to disable static_cpu_has (bnc#1012382).
- x86/cpu: Re-apply forced caps every time CPU caps are re-read (bnc#1012382).
- x86/cpu: Remove the pointless CPU printout (bsc#1089343).
- x86/cpu/topology: Provide detect_extended_topology_early() (bsc#1089343).
- x86/entry/64/compat: Clear registers for compat syscalls, to reduce speculation attack surface (bnc#1012382).
- x86/entry/64: Remove %ebx handling from error_entry/exit (bnc#1102715).
- x86/fpu: Add an XSTATE_OP() macro (bnc#1012382).
- x86/fpu: Get rid of xstate_fault() (bnc#1012382).
- x86/headers: Do not include asm/processor.h in asm/atomic.h (bnc#1012382).
- x86/irqflags: Provide a declaration for native_save_fl (git-fixes).
- x86/mce: Fix incorrect 'Machine check from unknown source' message (bnc#1012382).
- x86/MCE: Remove min interval polling limitation (bnc#1012382).
- x86/mm: Give each mm TLB flush generation a unique ID (bnc#1012382).
- x86/mm/pkeys: Fix mismerge of protection keys CPUID bits (bnc#1012382).
- x86/mm: Simplify p[g4um]d_page() macros (bnc#1087081).
- x86/paravirt: Make native_save_fl() extern inline (bnc#1012382).
- x86/process: Correct and optimize TIF_BLOCKSTEP switch (bnc#1012382).
- x86/process: Optimize TIF checks in __switch_to_xtra() (bnc#1012382).
- x86/process: Optimize TIF_NOTSC switch (bnc#1012382).
- x86/smpboot: Do not use smp_num_siblings in __max_logical_packages calculation (bsc#1089343).
- x86/smp: Provide topology_is_primary_thread() (bsc#1089343).
- x86/spectre_v2: Do not check microcode versions when running under hypervisors (bnc#1012382).
- x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support (bnc#1012382).
- x86/speculation: Add <asm/msr-index.h> dependency (bnc#1012382).
- x86/speculation: Clean up various Spectre related details (bnc#1012382).
- x86/speculation: Correct Speculation Control microcode blacklist again (bnc#1012382).
- x86/speculation: Move firmware_restrict_branch_speculation_*() from C to CPP (bnc#1012382).
- x86/speculation: Update Speculation Control microcode blacklist (bnc#1012382).
- x86/speculation: Use IBRS if available before calling into firmware (bnc#1012382).
- x86/speculation: Use Indirect Branch Prediction Barrier in context switch (bnc#1012382).
- x86/topology: Add topology_max_smt_threads() (bsc#1089343).
- x86/topology: Provide topology_smt_supported() (bsc#1089343).
- x86/vdso: Use static_cpu_has() (bnc#1012382).
- x86/xen: Add call of speculative_store_bypass_ht_init() to PV paths (bnc#1012382).
- xen/grant-table: log the lack of grants (bnc#1085042).
- xen-netfront: Fix mismatched rtnl_unlock (bnc#1101658).
- xen-netfront: Update features after registering netdev (bnc#1101658).
- xen-netfront: wait xenbus state change when load module manually (bnc#1012382).
- xen: set cpu capabilities from xen_start_kernel() (bnc#1012382).
- xhci: Fix perceived dead host due to runtime suspend race with event handler (bnc#1012382).
- xhci: xhci-mem: off by one in xhci_stream_id_to_ring() (bnc#1012382).
Patchnames: SUSE-SLE-RT-12-SP3-2018-1827
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.1 (High)
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5 (Medium)
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.7 (Medium)
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.6 (Medium)
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5 (Medium)
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.6 (Medium)
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5 (Medium)
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5 (Medium)
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5 (Medium)
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
5.6 (Medium)
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.6 (Medium)
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
168 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\n\nThe SUSE Linux Enterprise 12 SP3 RT kernel was updated to 4.4.147 to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2017-18344: The timer_create syscall implementation in kernel/time/posix-timers.c didn\u0027t properly validate the sigevent-\u003esigev_notify field, which leads to out-of-bounds access in the show_timer function (called when /proc/$PID/timers is read). This allowed userspace applications to read arbitrary kernel memory (on a kernel built with CONFIG_POSIX_TIMERS and CONFIG_CHECKPOINT_RESTORE) (bnc#1102851 bsc#1103580).\n- CVE-2018-10876: A flaw was found in the ext4 filesystem code. A use-after-free was possible in ext4_ext_remove_space() function when mounting and operating a crafted ext4 image. (bnc#1099811)\n- CVE-2018-10877: The ext4 filesystem was vulnerable to an out-of-bound access in the ext4_ext_drop_refs() function when operating on a crafted ext4 filesystem image. (bnc#1099846)\n- CVE-2018-10878: A flaw was found in the ext4 filesystem. A local user could cause an out-of-bounds write and a denial of service or unspecified other impact is possible by mounting and operating a crafted ext4 filesystem image. (bnc#1099813)\n- CVE-2018-10879: A flaw was found in the ext4 filesystem. A local user could cause a use-after-free in ext4_xattr_set_entry function and a denial of service or unspecified other impact may occur by renaming a file in a crafted ext4 filesystem image. (bnc#1099844)\n- CVE-2018-10880: Linux kernel is vulnerable to a stack-out-of-bounds write in the ext4 filesystem code when mounting and writing to a crafted ext4 image in ext4_update_inline_data(). An attacker could use this to cause a system crash and a denial of service. (bnc#1099845)\n- CVE-2018-10881: A flaw was found in the ext4 filesystem. A local user can cause an out-of-bound access in ext4_get_group_info function, a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image. (bnc#1099864)\n- CVE-2018-10882: A flaw was found in the ext4 filesystem. A local user can cause an out-of-bound write in in fs/jbd2/transaction.c code, a denial of service, and a system crash by unmounting a crafted ext4 filesystem image. (bnc#1099849)\n- CVE-2018-10883: A flaw was found in the ext4 filesystem. A local user can cause an out-of-bounds write in jbd2_journal_dirty_metadata(), a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image. (bnc#1099863)\n- CVE-2018-14734: drivers/infiniband/core/ucma.c allowed ucma_leave_multicast to access a certain data structure after a cleanup step in ucma_process_join, which allowed attackers to cause a denial of service (use-after-free) (bnc#1103119).\n- CVE-2018-3620: Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis (bnc#1087081).\n- CVE-2018-3646: Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis (bnc#1089343 bnc#1104365).\n- CVE-2018-5390: The Linux kernel could be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service (bnc#1102340).\n- CVE-2018-5391 aka \u0027FragmentSmack\u0027: A flaw in the IP packet reassembly could be used by remote attackers to consume lots of CPU time (bnc#1103097).\n- CVE-2018-9363: A buffer overflow in bluetooth HID report processing could be used by malicious bluetooth devices to crash the kernel or potentially execute code (bnc#1105292).\n\nThe following non-security bugs were fixed:\n\n- acpi / pci: Bail early in acpi_pci_add_bus() if there is no ACPI handle (bnc#1012382).\n- Add support for 5,25,50, and 100G to 802.3ad bonding driver (bsc#1096978)\n- ahci: Disable LPM on Lenovo 50 series laptops with a too old BIOS (bnc#1012382).\n- alsa: emu10k1: add error handling for snd_ctl_add (bnc#1012382).\n- alsa: emu10k1: Rate-limit error messages about page errors (bnc#1012382).\n- alsa: fm801: add error handling for snd_ctl_add (bnc#1012382).\n- alsa: hda/ca0132: fix build failure when a local macro is defined (bnc#1012382).\n- alsa: rawmidi: Change resized buffers atomically (bnc#1012382).\n- alsa: usb-audio: Apply rate limit to warning messages in URB complete callback (bnc#1012382).\n- arc: Fix CONFIG_SWAP (bnc#1012382).\n- arc: mm: allow mprotect to make stack mappings executable (bnc#1012382).\n- arm64: do not open code page table entry creation (bsc#1102197).\n- arm64: kpti: Use early_param for kpti= command-line option (bsc#1102188).\n- arm64: Make sure permission updates happen for pmd/pud (bsc#1102197).\n- arm: dts: imx6q: Use correct SDMA script for SPI5 core (bnc#1012382).\n- arm: fix put_user() for gcc-8 (bnc#1012382).\n- asoc: dpcm: fix BE dai not hw_free and shutdown (bnc#1012382).\n- asoc: pxa: Fix module autoload for platform drivers (bnc#1012382).\n- ath10k: fix rfc1042 header retrieval in QCA4019 with eth decap mode (bnc#1012382).\n- ath: Add regulatory mapping for APL13_WORLD (bnc#1012382).\n- ath: Add regulatory mapping for APL2_FCCA (bnc#1012382).\n- ath: Add regulatory mapping for Bahamas (bnc#1012382).\n- ath: Add regulatory mapping for Bermuda (bnc#1012382).\n- ath: Add regulatory mapping for ETSI8_WORLD (bnc#1012382).\n- ath: Add regulatory mapping for FCC3_ETSIC (bnc#1012382).\n- ath: Add regulatory mapping for Serbia (bnc#1012382).\n- ath: Add regulatory mapping for Tanzania (bnc#1012382).\n- ath: Add regulatory mapping for Uganda (bnc#1012382).\n- atm: zatm: Fix potential Spectre v1 (bnc#1012382).\n- audit: allow not equal op for audit by executable (bnc#1012382).\n- bcache: add backing_request_endio() for bi_end_io (bsc#1064232).\n- bcache: add CACHE_SET_IO_DISABLE to struct cache_set flags (bsc#1064232).\n- bcache: add io_disable to struct cached_dev (bsc#1064232).\n- bcache: add journal statistic (bsc#1076110).\n- bcache: Add __printf annotation to __bch_check_keys() (bsc#1064232).\n- bcache: add stop_when_cache_set_failed option to backing device (bsc#1064232).\n- bcache: add wait_for_kthread_stop() in bch_allocator_thread() (bsc#1064232).\n- bcache: Annotate switch fall-through (bsc#1064232).\n- bcache: closures: move control bits one bit right (bsc#1076110).\n- bcache: correct flash only vols (check all uuids) (bsc#1064232).\n- bcache: count backing device I/O error for writeback I/O (bsc#1064232).\n- bcache: Fix a compiler warning in bcache_device_init() (bsc#1064232).\n- bcache: fix cached_dev-\u003ecount usage for bch_cache_set_error() (bsc#1064232).\n- bcache: fix crashes in duplicate cache device register (bsc#1076110).\n- bcache: fix error return value in memory shrink (bsc#1064232).\n- bcache: fix high CPU occupancy during journal (bsc#1076110).\n- bcache: Fix, improve efficiency of closure_sync() (bsc#1076110).\n- bcache: fix inaccurate io state for detached bcache devices (bsc#1064232).\n- bcache: fix incorrect sysfs output value of strip size (bsc#1064232).\n- bcache: Fix indentation (bsc#1064232).\n- bcache: Fix kernel-doc warnings (bsc#1064232).\n- bcache: fix misleading error message in bch_count_io_errors() (bsc#1064232).\n- bcache: fix using of loop variable in memory shrink (bsc#1064232).\n- bcache: fix writeback target calc on large devices (bsc#1076110).\n- bcache: fix wrong return value in bch_debug_init() (bsc#1076110).\n- bcache: mark closure_sync() __sched (bsc#1076110).\n- bcache: move closure debug file into debug directory (bsc#1064232).\n- bcache: reduce cache_set devices iteration by devices_max_used (bsc#1064232).\n- bcache: Reduce the number of sparse complaints about lock imbalances (bsc#1064232).\n- bcache: Remove an unused variable (bsc#1064232).\n- bcache: ret IOERR when read meets metadata error (bsc#1076110).\n- bcache: return 0 from bch_debug_init() if CONFIG_DEBUG_FS=n (bsc#1064232).\n- bcache: set CACHE_SET_IO_DISABLE in bch_cached_dev_error() (bsc#1064232).\n- bcache: set dc-\u003eio_disable to true in conditional_stop_bcache_device() (bsc#1064232).\n- bcache: set error_limit correctly (bsc#1064232).\n- bcache: set writeback_rate_update_seconds in range [1, 60] seconds (bsc#1064232).\n- bcache: stop bcache device when backing device is offline (bsc#1064232).\n- bcache: stop dc-\u003ewriteback_rate_update properly (bsc#1064232).\n- bcache: stop writeback thread after detaching (bsc#1076110).\n- bcache: store disk name in struct cache and struct cached_dev (bsc#1064232).\n- bcache: Suppress more warnings about set-but-not-used variables (bsc#1064232).\n- bcache: use pr_info() to inform duplicated CACHE_SET_IO_DISABLE set (bsc#1064232).\n- bcache: Use PTR_ERR_OR_ZERO() (bsc#1076110).\n- bcm63xx_enet: correct clock usage (bnc#1012382).\n- bcm63xx_enet: do not write to random DMA channel on BCM6345 (bnc#1012382).\n- blkcg: simplify statistic accumulation code (bsc#1082979).\n- block: copy ioprio in __bio_clone_fast() (bsc#1082653).\n- block: do not use interruptible wait anywhere (bnc#1012382).\n- block/swim: Fix array bounds check (bsc#1082979).\n- bluetooth: btusb: Add a new Realtek 8723DE ID 2ff8:b011 (bnc#1012382).\n- bluetooth: hci_qca: Fix \u0027Sleep inside atomic section\u0027 warning (bnc#1012382).\n- bpf: fix loading of BPF_MAXINSNS sized programs (bsc#1012382).\n- bpf: fix references to free_bpf_prog_info() in comments (bnc#1012382).\n- bpf, x64: fix memleak when not converging after image (bsc#1012382).\n- brcmfmac: Add support for bcm43364 wireless chipset (bnc#1012382).\n- btrfs: add barriers to btrfs_sync_log before log_commit_wait wakeups (bnc#1012382).\n- btrfs: Do not remove block group still has pinned down bytes (bsc#1086457).\n- btrfs: qgroup: Finish rescan when hit the last leaf of extent tree (bnc#1012382).\n- btrfs: quota: Set rescan progress to (u64)-1 if we hit last leaf (git-fixes).\n- cachefiles: Fix missing clear of the CACHEFILES_OBJECT_ACTIVE flag (bsc#1099858).\n- cachefiles: Fix refcounting bug in backing-file read monitoring (bsc#1099858).\n- cachefiles: Wait rather than BUG\u0027ing on \u0027Unexpected object collision\u0027 (bsc#1099858).\n- can: ems_usb: Fix memory leak on ems_usb_disconnect() (bnc#1012382).\n- can: xilinx_can: fix device dropping off bus on RX overrun (bnc#1012382).\n- can: xilinx_can: fix incorrect clear of non-processed interrupts (bnc#1012382).\n- can: xilinx_can: fix recovery from error states not being propagated (bnc#1012382).\n- can: xilinx_can: fix RX loop if RXNEMP is asserted without RXOK (bnc#1012382).\n- can: xilinx_can: fix RX overflow interrupt not being enabled (bnc#1012382).\n- can: xilinx_can: keep only 1-2 frames in TX FIFO to fix TX accounting (bnc#1012382).\n- cifs: fix bad/NULL ptr dereferencing in SMB2_sess_setup() (bsc#1090123).\n- cifs: Fix infinite loop when using hard mount option (bnc#1012382).\n- clk: tegra: Fix PLL_U post divider and initial rate on Tegra30 (bnc#1012382).\n- compiler, clang: always inline when CONFIG_OPTIMIZE_INLINING is disabled (bnc#1012382).\n- compiler, clang: properly override \u0027inline\u0027 for clang (bnc#1012382).\n- compiler, clang: suppress warning for unused static inline functions (bnc#1012382).\n- compiler-gcc.h: Add __attribute__((gnu_inline)) to all inline declarations (bnc#1012382).\n- cpu/hotplug: Add sysfs state interface (bsc#1089343).\n- cpu/hotplug: Provide knobs to control SMT (bsc#1089343).\n- cpu/hotplug: Split do_cpu_down() (bsc#1089343).\n- crypto: authenc - do not leak pointers to authenc keys (bnc#1012382).\n- crypto: authencesn - do not leak pointers to authenc keys (bnc#1012382).\n- crypto: crypto4xx - fix crypto4xx_build_pdr, crypto4xx_build_sdr leak (bnc#1012382).\n- crypto: crypto4xx - remove bad list_del (bnc#1012382).\n- crypto: padlock-aes - Fix Nano workaround data corruption (bnc#1012382).\n- disable loading f2fs module on PAGE_SIZE \u003e 4KB (bnc#1012382).\n- dmaengine: pxa_dma: remove duplicate const qualifier (bnc#1012382).\n- dma-iommu: Fix compilation when !CONFIG_IOMMU_DMA (bnc#1012382).\n- dm thin metadata: remove needless work from __commit_transaction (bsc#1082979).\n- documentation/spec_ctrl: Do some minor cleanups (bnc#1012382).\n- drbd: fix access after free (bnc#1012382).\n- driver core: Partially revert \u0027driver core: correct device\u0027s shutdown order\u0027 (bnc#1012382).\n- drm: Add DP PSR2 sink enable bit (bnc#1012382).\n- drm/atomic: Handling the case when setting old crtc for plane (bnc#1012382).\n- drm/cirrus: Use drm_framebuffer_put to avoid kernel oops in clean-up (bsc#1101822).\n- drm/gma500: fix psb_intel_lvds_mode_valid()\u0027s return type (bnc#1012382).\n- drm/msm: Fix possible null dereference on failure of get_pages() (bsc#1102394).\n- drm/radeon: fix mode_valid\u0027s return type (bnc#1012382).\n- drm: re-enable error handling (bsc#1103884).\n- esp6: fix memleak on error path in esp6_input (git-fixes).\n- ext4: add more inode number paranoia checks (bnc#1012382).\n- ext4: add more mount time checks of the superblock (bnc#1012382).\n- ext4: always check block group bounds in ext4_init_block_bitmap() (bnc#1012382).\n- ext4: check for allocation block validity with block group locked (bsc#1104495).\n- ext4: check superblock mapped prior to committing (bnc#1012382).\n- ext4: clear i_data in ext4_inode_info when removing inline data (bnc#1012382).\n- ext4: do not update s_last_mounted of a frozen fs (bsc#1101841).\n- ext4: factor out helper ext4_sample_last_mounted() (bsc#1101841).\n- ext4: fix check to prevent initializing reserved inodes (bsc#1104319).\n- ext4: fix false negatives *and* false positives in ext4_check_descriptors() (bsc#1103445).\n- ext4: fix inline data updates with checksums enabled (bsc#1104494).\n- ext4: include the illegal physical block in the bad map ext4_error msg (bnc#1012382).\n- ext4: make sure bitmaps and the inode table do not overlap with bg descriptors (bnc#1012382).\n- ext4: only look at the bg_flags field if it is valid (bnc#1012382).\n- ext4: verify the depth of extent tree in ext4_find_extent() (bnc#1012382).\n- f2fs: fix to do not trigger writeback during recovery (bnc#1012382).\n- fat: fix memory allocation failure handling of match_strdup() (bnc#1012382).\n- fscache: Allow cancelled operations to be enqueued (bsc#1099858).\n- fscache: Fix reference overput in fscache_attach_object() error handling (bsc#1099858).\n- genirq: Make force irq threading setup more robust (bsc#1082979).\n- hid: debug: check length before copy_to_user() (bnc#1012382).\n- hid: hiddev: fix potential Spectre v1 (bnc#1012382).\n- hid: hid-plantronics: Re-resend Update to map button for PTT products (bnc#1012382).\n- hid: i2c-hid: check if device is there before really probing (bnc#1012382).\n- hid: i2c-hid: Fix \u0027incomplete report\u0027 noise (bnc#1012382).\n- hid: usbhid: add quirk for innomedia INNEX GENESIS/ATARI adapter (bnc#1012382).\n- hvc_opal: do not set tb_ticks_per_usec in udbg_init_opal_common() (bnc#1012382).\n- i2c: imx: Fix reinit_completion() use (bnc#1012382).\n- i2c: rcar: fix resume by always initializing registers before transfer (bnc#1012382).\n- ib/isert: fix T10-pi check mask setting (bsc#1082979).\n- ibmasm: do not write out of bounds in read handler (bnc#1012382).\n- ibmvnic: Fix error recovery on login failure (bsc#1101789).\n- ibmvnic: Remove code to request error information (bsc#1104174).\n- ibmvnic: Revise RX/TX queue error messages (bsc#1101331).\n- ibmvnic: Update firmware error reporting with cause string (bsc#1104174).\n- inet: frag: enforce memory limits earlier (bnc#1012382 bsc#970506).\n- input: elan_i2c - add ACPI ID for lenovo ideapad 330 (bnc#1012382).\n- input: elan_i2c - add another ACPI ID for Lenovo Ideapad 330-15AST (bnc#1012382).\n- input: i8042 - add Lenovo LaVie Z to the i8042 reset list (bnc#1012382).\n- ipconfig: Correctly initialise ic_nameservers (bnc#1012382).\n- ip: hash fragments consistently (bnc#1012382).\n- ip: in cmsg IP(V6)_ORIGDSTADDR call pskb_may_pull (bnc#1012382).\n- ipv4: Fix error return value in fib_convert_metrics() (bnc#1012382).\n- ipv4: remove BUG_ON() from fib_compute_spec_dst (bnc#1012382).\n- ipv4: Return EINVAL when ping_group_range sysctl does not map to user ns (bnc#1012382).\n- ipv6: fix useless rol32 call on hash (bnc#1012382).\n- iw_cxgb4: correctly enforce the max reg_mr depth (bnc#1012382).\n- iwlwifi: pcie: fix race in Rx buffer allocator (bnc#1012382).\n- jbd2: do not mark block as modified if the handle is out of credits (bnc#1012382).\n- kabi protect includes in include/linux/inet.h (bsc#1095643).\n- KABI protect net/core/utils.c includes (bsc#1095643).\n- kABI: protect struct loop_device (kabi).\n- kABI: reexport tcp_send_ack (kabi).\n- kABI: reintroduce __static_cpu_has_safe (kabi).\n- kabi/severities: add \u0027drivers/md/bcache/* PASS\u0027 since no one uses symboles expoted by bcache.\n- kbuild: fix # escaping in .cmd files for future Make (bnc#1012382).\n- KEYS: DNS: fix parsing multiple options (bnc#1012382).\n- kmod: fix wait on recursive loop (bsc#1099792).\n- kmod: reduce atomic operations on kmod_concurrent and simplify (bsc#1099792).\n- kmod: throttle kmod thread limit (bsc#1099792).\n- kprobes/x86: Do not modify singlestep buffer while resuming (bnc#1012382).\n- kthread, tracing: Do not expose half-written comm when creating kthreads (bsc#1104897).\n- kvm: arm/arm64: Drop resource size check for GICV window (bsc#1102215).\n- kvm: arm/arm64: Set dist-\u003espis to NULL after kfree (bsc#1102214).\n- kvm/Eventfd: Avoid crash when assign and deassign specific eventfd in parallel (bnc#1012382).\n- kvm: x86: vmx: fix vpid leak (bnc#1012382).\n- libata: do not try to pass through NCQ commands to non-NCQ devices (bsc#1082979).\n- libata: Fix command retry decision (bnc#1012382).\n- lib/rhashtable: consider param-\u003emin_size when setting initial table size (bnc#1012382).\n- loop: add recursion validation to LOOP_CHANGE_FD (bnc#1012382).\n- loop: remember whether sysfs_create_group() was done (bnc#1012382).\n- md: fix NULL dereference of mddev-\u003epers in remove_and_add_spares() (bnc#1012382).\n- media: cx25840: Use subdev host data for PLL override (bnc#1012382).\n- media: omap3isp: fix unbalanced dma_iommu_mapping (bnc#1012382).\n- media: rcar_jpu: Add missing clk_disable_unprepare() on error in jpu_open() (bnc#1012382).\n- media: saa7164: Fix driver name in debug output (bnc#1012382).\n- media: si470x: fix __be16 annotations (bnc#1012382).\n- media: siano: get rid of __le32/__le16 cast warnings (bnc#1012382).\n- media: videobuf2-core: do not call memop \u0027finish\u0027 when queueing (bnc#1012382).\n- memory: tegra: Apply interrupts mask per SoC (bnc#1012382).\n- memory: tegra: Do not handle spurious interrupts (bnc#1012382).\n- mfd: cros_ec: Fail early if we cannot identify the EC (bnc#1012382).\n- microblaze: Fix simpleImage format generation (bnc#1012382).\n- mmc: dw_mmc: fix card threshold control configuration (bsc#1102203).\n- mm: check VMA flags to avoid invalid PROT_NONE NUMA balancing (bsc#1097771).\n- mm: hugetlb: yield when prepping struct pages (bnc#1012382).\n- mm: memcg: fix use after free in mem_cgroup_iter() (bnc#1012382).\n- mm/slub.c: add __printf verification to slab_err() (bnc#1012382).\n- mm: vmalloc: avoid racy handling of debugobjects in vunmap (bnc#1012382).\n- mtd: cfi_cmdset_0002: Change definition naming to retry write operation (bnc#1012382).\n- mtd: cfi_cmdset_0002: Change erase functions to check chip good only (bnc#1012382).\n- mtd: cfi_cmdset_0002: Change erase functions to retry for error (bnc#1012382).\n- mtd: rawnand: fsl_ifc: fix FSL NAND driver to read all ONFI parameter pages (bnc#1012382).\n- mtd: rawnand: mxc: set spare area size register explicitly (bnc#1012382).\n- mtd: ubi: wl: Fix error return code in ubi_wl_init() (git-fixes).\n- mwifiex: correct histogram data with appropriate index (bnc#1012382).\n- mwifiex: handle race during mwifiex_usb_disconnect (bnc#1012382).\n- net: cxgb3_main: fix potential Spectre v1 (bnc#1012382).\n- net: dccp: avoid crash in ccid3_hc_rx_send_feedback() (bnc#1012382).\n- net: dccp: switch rx_tstamp_last_feedback to monotonic clock (bnc#1012382).\n- net: Do not copy pfmemalloc flag in __copy_skb_header() (bnc#1012382).\n- net: dsa: Do not suspend/resume closed slave_dev (bnc#1012382).\n- netfilter: ebtables: reject non-bridge targets (bnc#1012382).\n- netfilter: ipset: List timing out entries with \u0027timeout 1\u0027 instead of zero (bnc#1012382).\n- netfilter: ipvs: do not create conn for ABORT packet in sctp_conn_schedule (bsc#1102797).\n- netfilter: ipvs: fix the issue that sctp_conn_schedule drops non-INIT packet (bsc#1102797).\n- netfilter: nf_log: do not hold nf_log_mutex during user access (bnc#1012382).\n- netfilter: nf_queue: augment nfqa_cfg_policy (bnc#1012382).\n- netfilter: nf_tables: use WARN_ON_ONCE instead of BUG_ON in nft_do_chain() (bnc#1012382).\n- netfilter: x_tables: initialise match/target check parameter struct (bnc#1012382).\n- net: fix amd-xgbe flow-control issue (bnc#1012382).\n- net/ipv4: Set oif in fib_compute_spec_dst (bnc#1012382).\n- net: lan78xx: fix rx handling before first packet is send (bnc#1012382).\n- netlink: Do not shift on 64 for ngroups (bnc#1012382).\n- netlink: Do not shift with UB on nlk-\u003engroups (bnc#1012382).\n- netlink: Do not subscribe to non-existent groups (bnc#1012382).\n- netlink: Fix spectre v1 gadget in netlink_create() (bnc#1012382).\n- net/mlx4_core: Save the qpn from the input modifier in RST2INIT wrapper (bnc#1012382).\n- net/mlx5: Fix command interface race in polling mode (bnc#1012382).\n- net/mlx5: Fix incorrect raw command length parsing (bnc#1012382).\n- net: mvneta: fix the Rx desc DMA address in the Rx path (bsc#1102207).\n- net/nfc: Avoid stalls when nfc_alloc_send_skb() returned NULL (bnc#1012382).\n- net: off by one in inet6_pton() (bsc#1095643).\n- net: phy: fix flag masking in __set_phy_supported (bnc#1012382).\n- net: phy: marvell: Use strlcpy() for ethtool::get_strings (bsc#1102205).\n- net_sched: blackhole: tell upper qdisc about dropped packets (bnc#1012382).\n- net: socket: fix potential spectre v1 gadget in socketcall (bnc#1012382).\n- net: stmmac: align DMA stuff to largest cache line length (bnc#1012382).\n- net: sungem: fix rx checksum support (bnc#1012382).\n- net/utils: generic inet_pton_with_scope helper (bsc#1095643).\n- net: vmxnet3: use new api ethtool_{get|set}_link_ksettings (bsc#1091860 bsc#1098253).\n- nfsd: fix potential use-after-free in nfsd4_decode_getdeviceinfo (bnc#1012382).\n- nohz: Fix local_timer_softirq_pending() (bnc#1012382).\n- n_tty: Access echo_* variables carefully (bnc#1012382).\n- n_tty: Fix stall at n_tty_receive_char_special() (bnc#1012382).\n- null_blk: use sector_div instead of do_div (bsc#1082979).\n- nvme-pci: initialize queue memory before interrupts (bnc#1012382).\n- nvme-rdma: Check remotely invalidated rkey matches our expected rkey (bsc#1092001).\n- nvme-rdma: default MR page size to 4k (bsc#1092001).\n- nvme-rdma: do not complete requests before a send work request has completed (bsc#1092001).\n- nvme-rdma: do not suppress send completions (bsc#1092001).\n- nvme-rdma: Fix command completion race at error recovery (bsc#1090435).\n- nvme-rdma: make nvme_rdma_[create|destroy]_queue_ib symmetrical (bsc#1092001).\n- nvme-rdma: use inet_pton_with_scope helper (bsc#1095643).\n- nvme-rdma: Use mr pool (bsc#1092001).\n- nvme-rdma: wait for local invalidation before completing a request (bsc#1092001).\n- ocfs2: subsystem.su_mutex is required while accessing the item-\u003eci_parent (bnc#1012382).\n- pci: ibmphp: Fix use-before-set in get_max_bus_speed() (bsc#1100132).\n- pci: pciehp: Request control of native hotplug only if supported (bnc#1012382).\n- pci: Prevent sysfs disable of device while driver is attached (bnc#1012382).\n- perf: fix invalid bit in diagnostic entry (bnc#1012382).\n- perf tools: Move syscall number fallbacks from perf-sys.h to tools/arch/x86/include/asm/ (bnc#1012382).\n- perf/x86/intel/uncore: Correct fixed counter index check for NHM (bnc#1012382).\n- perf/x86/intel/uncore: Correct fixed counter index check in generic code (bnc#1012382).\n- pinctrl: at91-pio4: add missing of_node_put (bnc#1012382).\n- pm / hibernate: Fix oops at snapshot_write() (bnc#1012382).\n- powerpc/32: Add a missing include header (bnc#1012382).\n- powerpc/64: Initialise thread_info for emergency stacks (bsc#1094244, bsc#1100930, bsc#1102683).\n- powerpc/64s: Fix compiler store ordering to SLB shadow area (bnc#1012382).\n- powerpc/8xx: fix invalid register expression in head_8xx.S (bnc#1012382).\n- powerpc/chrp/time: Make some functions static, add missing header include (bnc#1012382).\n- powerpc/embedded6xx/hlwd-pic: Prevent interrupts from being handled by Starlet (bnc#1012382).\n- powerpc/fadump: handle crash memory ranges array index overflow (bsc#1103269).\n- powerpc/fadump: merge adjacent memory ranges to reduce PT_LOAD segements (bsc#1103269).\n- powerpc/powermac: Add missing prototype for note_bootable_part() (bnc#1012382).\n- powerpc/powermac: Mark variable x as unused (bnc#1012382).\n- provide special timeout module parameters for EC2 (bsc#1065364).\n- ptp: fix missing break in switch (bnc#1012382).\n- qed: Limit msix vectors in kdump kernel to the minimum required count (bnc#1012382).\n- r8152: napi hangup fix after disconnect (bnc#1012382).\n- random: mix rdrand with entropy sent in from userspace (bnc#1012382).\n- rdma/mad: Convert BUG_ONs to error flows (bnc#1012382).\n- rdma/ocrdma: Fix an error code in ocrdma_alloc_pd() (bsc#1082979).\n- rdma/ocrdma: Fix error codes in ocrdma_create_srq() (bsc#1082979).\n- rdma/ucm: Mark UCM interface as BROKEN (bnc#1012382).\n- rds: avoid unenecessary cong_update in loop transport (bnc#1012382).\n- regulator: pfuze100: add .is_enable() for pfuze100_swb_regulator_ops (bnc#1012382).\n- Remove broken patches for dac9063 watchdog (bsc#1100843)\n- restore cond_resched() in shrink_dcache_parent() (bsc#1098599).\n- Revert \u0027block-cancel-workqueue-entries-on-blk_mq_freeze_queue\u0027 (bsc#1103717)\n- Revert \u0027net: Do not copy pfmemalloc flag in __copy_skb_header()\u0027 (kabi).\n- Revert \u0027sit: reload iphdr in ipip6_rcv\u0027 (bnc#1012382).\n- Revert \u0027skbuff: Unconditionally copy pfmemalloc in __skb_clone()\u0027 (kabi).\n- Revert \u0027x86/cpufeature: Move some of the scattered feature bits to x86_capability\u0027 (kabi).\n- Revert \u0027x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6\u0027 (kabi).\n- Revert \u0027x86/mm: Give each mm TLB flush generation a unique ID\u0027 (kabi).\n- Revert \u0027x86/speculation: Use Indirect Branch Prediction Barrier in context switch\u0027 (kabi).\n- ring_buffer: tracing: Inherit the tracing setting to next ring buffer (bnc#1012382).\n- rsi: Fix \u0027invalid vdd\u0027 warning in mmc (bnc#1012382).\n- rtc: ensure rtc_set_alarm fails when alarms are not supported (bnc#1012382).\n- rtlwifi: rtl8821ae: fix firmware is not ready to run (bnc#1012382).\n- rtnetlink: add rtnl_link_state check in rtnl_configure_link (bnc#1012382).\n- s390: Correct register corruption in critical section cleanup (bnc#1012382).\n- s390/cpum_sf: Add data entry sizes to sampling trailer entry (bnc#1012382).\n- s390/qeth: fix error handling in adapter command callbacks (bnc#1103745, LTC#169699).\n- sched/fair: Avoid divide by zero when rebalancing domains (bsc#1096254).\n- sched/smt: Update sched_smt_present at runtime (bsc#1089343).\n- scsi: 3w-9xxx: fix a missing-check bug (bnc#1012382).\n- scsi: 3w-xxxx: fix a missing-check bug (bnc#1012382).\n- scsi: megaraid_sas: Increase timeout by 1 sec for non-RAID fastpath IOs (bnc#1012382).\n- scsi: megaraid: silence a static checker bug (bnc#1012382).\n- scsi: qla2xxx: Fix ISP recovery on unload (bnc#1012382).\n- scsi: qla2xxx: Return error when TMF returns (bnc#1012382).\n- scsi: qlogicpti: Fix an error handling path in \u0027qpti_sbus_probe()\u0027 (bsc#1082979).\n- scsi: scsi_dh: replace too broad \u0027TP9\u0027 string with the exact models (bnc#1012382).\n- scsi: sg: fix minor memory leak in error path (bsc#1082979).\n- scsi: sg: mitigate read/write abuse (bsc#1101296).\n- scsi: target: fix crash with iscsi target and dvd (bsc#1082979).\n- scsi: ufs: fix exception event handling (bnc#1012382).\n- selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC (bnc#1012382).\n- selftest/seccomp: Fix the seccomp(2) signature (bnc#1012382).\n- skbuff: Unconditionally copy pfmemalloc in __skb_clone() (bnc#1012382).\n- smsc75xx: Add workaround for gigabit link up hardware errata (bsc#1100132).\n- smsc95xx: Configure pause time to 0xffff when tx flow control enabled (bsc#1085536).\n- squashfs: be more careful about metadata corruption (bnc#1012382).\n- squashfs: more metadata hardening (bnc#1012382).\n- squashfs: more metadata hardenings (bnc#1012382).\n- staging: android: ion: Return an ERR_PTR in ion_map_kernel (bnc#1012382).\n- staging: comedi: quatech_daqp_cs: fix no-op loop daqp_ao_insn_write() (bnc#1012382).\n- tcp: add max_quickacks param to tcp_incr_quickack and tcp_enter_quickack_mode (bnc#1012382).\n- tcp: add one more quick ack after after ECN events (bnc#1012382).\n- tcp: do not aggressively quick ack after ECN events (bnc#1012382).\n- tcp: do not cancel delay-AcK on DCTCP special ACK (bnc#1012382).\n- tcp: do not delay ACK in DCTCP upon CE status change (bnc#1012382).\n- tcp: do not force quickack when receiving out-of-order packets (bnc#1012382).\n- tcp: fix dctcp delayed ACK schedule (bnc#1012382).\n- tcp: fix Fast Open key endianness (bnc#1012382).\n- tcp: helpers to send special DCTCP ack (bnc#1012382).\n- tcp: prevent bogus FRTO undos with non-SACK flows (bnc#1012382).\n- tcp: refactor tcp_ecn_check_ce to remove sk type cast (bnc#1012382).\n- tg3: Add higher cpu clock for 5762 (bnc#1012382).\n- thermal: exynos: fix setting rising_threshold for Exynos5433 (bnc#1012382).\n- tools build: fix # escaping in .cmd files for future Make (bnc#1012382).\n- tracing: Fix double free of event_trigger_data (bnc#1012382).\n- tracing: Fix missing return symbol in function_graph output (bnc#1012382).\n- tracing: Fix possible double free in event_enable_trigger_func() (bnc#1012382).\n- tracing/kprobes: Fix trace_probe flags on enable_trace_kprobe() failure (bnc#1012382).\n- tracing: Quiet gcc warning about maybe unused link variable (bnc#1012382).\n- tty: Fix data race in tty_insert_flip_string_fixed_flag (bnc#1012382).\n- turn off -Wattribute-alias (bnc#1012382).\n- ubi: Be more paranoid while seaching for the most recent Fastmap (bnc#1012382).\n- ubi: fastmap: Correctly handle interrupted erasures in EBA (bnc#1012382).\n- ubi: fastmap: Erase outdated anchor PEBs during attach (bnc#1012382).\n- ubi: Fix Fastmap\u0027s update_vol() (bnc#1012382).\n- ubi: Fix races around ubi_refill_pools() (bnc#1012382).\n- ubi: Introduce vol_ignored() (bnc#1012382).\n- ubi: Rework Fastmap attach base code (bnc#1012382).\n- uprobes/x86: Remove incorrect WARN_ON() in uprobe_init_insn() (bnc#1012382).\n- usb: cdc_acm: Add quirk for Castles VEGA3000 (bnc#1012382).\n- usb: cdc_acm: Add quirk for Uniden UBC125 scanner (bnc#1012382).\n- usb: core: handle hub C_PORT_OVER_CURRENT condition (bsc#1100132).\n- usb: gadget: f_fs: Only return delayed status when len is 0 (bnc#1012382).\n- usb: hub: Do not wait for connect state at resume for powered-off ports (bnc#1012382).\n- usbip: usbip_detach: Fix memory, udev context and udev leak (bnc#1012382).\n- usb: quirks: add delay quirks for Corsair Strafe (bnc#1012382).\n- USB: serial: ch341: fix type promotion bug in ch341_control_in() (bnc#1012382).\n- USB: serial: cp210x: add another USB ID for Qivicon ZigBee stick (bnc#1012382).\n- USB: serial: cp210x: add CESINEL device ids (bnc#1012382).\n- USB: serial: cp210x: add Silicon Labs IDs for Windows Update (bnc#1012382).\n- USB: serial: keyspan_pda: fix modem-status error handling (bnc#1012382).\n- USB: serial: mos7840: fix status-register error handling (bnc#1012382).\n- USB: yurex: fix out-of-bounds uaccess in read handler (bnc#1012382).\n- vfio: platform: Fix reset module leak in error path (bsc#1102211).\n- vfs: add the sb_start_intwrite_trylock() helper (bsc#1101841).\n- vhost_net: validate sock before trying to put its fd (bnc#1012382).\n- virtio_balloon: fix another race between migration and ballooning (bnc#1012382).\n- vmw_balloon: fix inflation with batching (bnc#1012382).\n- vmxnet3: add receive data ring support (bsc#1091860 bsc#1098253).\n- vmxnet3: add support for get_coalesce, set_coalesce ethtool operations (bsc#1091860 bsc#1098253).\n- vmxnet3: allow variable length transmit data ring buffer (bsc#1091860 bsc#1098253).\n- vmxnet3: avoid assumption about invalid dma_pa in vmxnet3_set_mc() (bsc#1091860 bsc#1098253).\n- vmxnet3: avoid format strint overflow warning (bsc#1091860 bsc#1098253).\n- vmxnet3: avoid xmit reset due to a race in vmxnet3 (bsc#1091860 bsc#1098253).\n- vmxnet3: fix incorrect dereference when rxvlan is disabled (bsc#1091860 bsc#1098253).\n- vmxnet3: fix non static symbol warning (bsc#1091860 bsc#1098253).\n- vmxnet3: fix tx data ring copy for variable size (bsc#1091860 bsc#1098253).\n- vmxnet3: increase default rx ring sizes (bsc#1091860 bsc#1098253).\n- vmxnet3: introduce command to register memory region (bsc#1091860 bsc#1098253).\n- vmxnet3: introduce generalized command interface to configure the device (bsc#1091860 bsc#1098253).\n- vmxnet3: prepare for version 3 changes (bsc#1091860 bsc#1098253).\n- vmxnet3: remove redundant initialization of pointer \u0027rq\u0027 (bsc#1091860 bsc#1098253).\n- vmxnet3: remove unused flag \u0027rxcsum\u0027 from struct vmxnet3_adapter (bsc#1091860 bsc#1098253).\n- vmxnet3: Replace msleep(1) with usleep_range() (bsc#1091860 bsc#1098253).\n- vmxnet3: set the DMA mask before the first DMA map operation (bsc#1091860 bsc#1098253).\n- vmxnet3: update to version 3 (bsc#1091860 bsc#1098253).\n- vmxnet3: use correct flag to indicate LRO feature (bsc#1091860 bsc#1098253).\n- vmxnet3: use DMA memory barriers where required (bsc#1091860 bsc#1098253).\n- wait: add wait_event_killable_timeout() (bsc#1099792).\n- watchdog: da9063: Fix setting/changing timeout (bsc#1100843).\n- watchdog: da9063: Fix timeout handling during probe (bsc#1100843).\n- watchdog: da9063: Fix updating timeout value (bsc#1100843).\n- wlcore: sdio: check for valid platform device data before suspend (bnc#1012382).\n- x86/alternatives: Add an auxilary section (bnc#1012382).\n- x86/alternatives: Discard dynamic check after init (bnc#1012382).\n- x86/amd: do not set X86_BUG_SYSRET_SS_ATTRS when running under Xen (bnc#1012382).\n- x86/apic: Ignore secondary threads if nosmt=force (bsc#1089343).\n- x86/asm: Add _ASM_ARG* constants for argument registers to \u003casm/asm.h\u003e (bnc#1012382).\n- x86/asm/entry/32: Simplify pushes of zeroed pt_regs-\u003eREGs (bnc#1012382).\n- x86/boot: Simplify kernel load address alignment check (bnc#1012382).\n- x86/bugs: Respect nospec command line option (bsc#1068032).\n- x86/CPU/AMD: Do not check CPUID max ext level before parsing SMP info (bsc#1089343).\n- x86/cpu/AMD: Evaluate smp_num_siblings early (bsc#1089343).\n- x86/cpu/AMD: Fix erratum 1076 (CPB bit) (bnc#1012382).\n- x86/CPU/AMD: Move TOPOEXT reenablement before reading smp_num_siblings (bsc#1089343). Update config files.\n- x86/cpu/AMD: Remove the pointless detect_ht() call (bsc#1089343).\n- x86/cpu/common: Provide detect_ht_early() (bsc#1089343).\n- x86/cpufeature: Add helper macro for mask check macros (bnc#1012382).\n- x86/cpufeature: Carve out X86_FEATURE_* (bnc#1012382).\n- x86/cpufeature: Get rid of the non-asm goto variant (bnc#1012382).\n- x86/cpufeature: Make sure DISABLED/REQUIRED macros are updated (bnc#1012382).\n- x86/cpufeature: Move some of the scattered feature bits to x86_capability (bnc#1012382).\n- x86/cpufeature: preserve numbers (kabi).\n- x86/cpufeature: Replace the old static_cpu_has() with safe variant (bnc#1012382).\n- x86/cpufeatures: Add CPUID_7_EDX CPUID leaf (bnc#1012382).\n- x86/cpufeatures: Clean up Spectre v2 related CPUID flags (bnc#1012382).\n- x86/cpufeature: Speed up cpu_feature_enabled() (bnc#1012382).\n- x86/cpufeature: Update cpufeaure macros (bnc#1012382).\n- x86/cpu/intel: Evaluate smp_num_siblings early (bsc#1089343).\n- x86/cpu: Make alternative_msr_write work for 32-bit code (bnc#1012382).\n- x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6 (bnc#1012382).\n- x86/cpu: Provide a config option to disable static_cpu_has (bnc#1012382).\n- x86/cpu: Re-apply forced caps every time CPU caps are re-read (bnc#1012382).\n- x86/cpu: Remove the pointless CPU printout (bsc#1089343).\n- x86/cpu/topology: Provide detect_extended_topology_early() (bsc#1089343).\n- x86/entry/64/compat: Clear registers for compat syscalls, to reduce speculation attack surface (bnc#1012382).\n- x86/entry/64: Remove %ebx handling from error_entry/exit (bnc#1102715).\n- x86/fpu: Add an XSTATE_OP() macro (bnc#1012382).\n- x86/fpu: Get rid of xstate_fault() (bnc#1012382).\n- x86/headers: Do not include asm/processor.h in asm/atomic.h (bnc#1012382).\n- x86/irqflags: Provide a declaration for native_save_fl (git-fixes).\n- x86/mce: Fix incorrect \u0027Machine check from unknown source\u0027 message (bnc#1012382).\n- x86/MCE: Remove min interval polling limitation (bnc#1012382).\n- x86/mm: Give each mm TLB flush generation a unique ID (bnc#1012382).\n- x86/mm/pkeys: Fix mismerge of protection keys CPUID bits (bnc#1012382).\n- x86/mm: Simplify p[g4um]d_page() macros (bnc#1087081).\n- x86/paravirt: Make native_save_fl() extern inline (bnc#1012382).\n- x86/process: Correct and optimize TIF_BLOCKSTEP switch (bnc#1012382).\n- x86/process: Optimize TIF checks in __switch_to_xtra() (bnc#1012382).\n- x86/process: Optimize TIF_NOTSC switch (bnc#1012382).\n- x86/smpboot: Do not use smp_num_siblings in __max_logical_packages calculation (bsc#1089343).\n- x86/smp: Provide topology_is_primary_thread() (bsc#1089343).\n- x86/spectre_v2: Do not check microcode versions when running under hypervisors (bnc#1012382).\n- x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support (bnc#1012382).\n- x86/speculation: Add \u003casm/msr-index.h\u003e dependency (bnc#1012382).\n- x86/speculation: Clean up various Spectre related details (bnc#1012382).\n- x86/speculation: Correct Speculation Control microcode blacklist again (bnc#1012382).\n- x86/speculation: Move firmware_restrict_branch_speculation_*() from C to CPP (bnc#1012382).\n- x86/speculation: Update Speculation Control microcode blacklist (bnc#1012382).\n- x86/speculation: Use IBRS if available before calling into firmware (bnc#1012382).\n- x86/speculation: Use Indirect Branch Prediction Barrier in context switch (bnc#1012382).\n- x86/topology: Add topology_max_smt_threads() (bsc#1089343).\n- x86/topology: Provide topology_smt_supported() (bsc#1089343).\n- x86/vdso: Use static_cpu_has() (bnc#1012382).\n- x86/xen: Add call of speculative_store_bypass_ht_init() to PV paths (bnc#1012382).\n- xen/grant-table: log the lack of grants (bnc#1085042).\n- xen-netfront: Fix mismatched rtnl_unlock (bnc#1101658).\n- xen-netfront: Update features after registering netdev (bnc#1101658).\n- xen-netfront: wait xenbus state change when load module manually (bnc#1012382).\n- xen: set cpu capabilities from xen_start_kernel() (bnc#1012382).\n- xhci: Fix perceived dead host due to runtime suspend race with event handler (bnc#1012382).\n- xhci: xhci-mem: off by one in xhci_stream_id_to_ring() (bnc#1012382).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-RT-12-SP3-2018-1827",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_2596-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:2596-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182596-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:2596-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-September/004529.html"
},
{
"category": "self",
"summary": "SUSE Bug 1012382",
"url": "https://bugzilla.suse.com/1012382"
},
{
"category": "self",
"summary": "SUSE Bug 1064232",
"url": "https://bugzilla.suse.com/1064232"
},
{
"category": "self",
"summary": "SUSE Bug 1065364",
"url": "https://bugzilla.suse.com/1065364"
},
{
"category": "self",
"summary": "SUSE Bug 1068032",
"url": "https://bugzilla.suse.com/1068032"
},
{
"category": "self",
"summary": "SUSE Bug 1076110",
"url": "https://bugzilla.suse.com/1076110"
},
{
"category": "self",
"summary": "SUSE Bug 1082653",
"url": "https://bugzilla.suse.com/1082653"
},
{
"category": "self",
"summary": "SUSE Bug 1082979",
"url": "https://bugzilla.suse.com/1082979"
},
{
"category": "self",
"summary": "SUSE Bug 1085042",
"url": "https://bugzilla.suse.com/1085042"
},
{
"category": "self",
"summary": "SUSE Bug 1085536",
"url": "https://bugzilla.suse.com/1085536"
},
{
"category": "self",
"summary": "SUSE Bug 1086457",
"url": "https://bugzilla.suse.com/1086457"
},
{
"category": "self",
"summary": "SUSE Bug 1087081",
"url": "https://bugzilla.suse.com/1087081"
},
{
"category": "self",
"summary": "SUSE Bug 1089343",
"url": "https://bugzilla.suse.com/1089343"
},
{
"category": "self",
"summary": "SUSE Bug 1090123",
"url": "https://bugzilla.suse.com/1090123"
},
{
"category": "self",
"summary": "SUSE Bug 1090435",
"url": "https://bugzilla.suse.com/1090435"
},
{
"category": "self",
"summary": "SUSE Bug 1091171",
"url": "https://bugzilla.suse.com/1091171"
},
{
"category": "self",
"summary": "SUSE Bug 1091860",
"url": "https://bugzilla.suse.com/1091860"
},
{
"category": "self",
"summary": "SUSE Bug 1092001",
"url": "https://bugzilla.suse.com/1092001"
},
{
"category": "self",
"summary": "SUSE Bug 1094244",
"url": "https://bugzilla.suse.com/1094244"
},
{
"category": "self",
"summary": "SUSE Bug 1095643",
"url": "https://bugzilla.suse.com/1095643"
},
{
"category": "self",
"summary": "SUSE Bug 1096254",
"url": "https://bugzilla.suse.com/1096254"
},
{
"category": "self",
"summary": "SUSE Bug 1096978",
"url": "https://bugzilla.suse.com/1096978"
},
{
"category": "self",
"summary": "SUSE Bug 1097771",
"url": "https://bugzilla.suse.com/1097771"
},
{
"category": "self",
"summary": "SUSE Bug 1098253",
"url": "https://bugzilla.suse.com/1098253"
},
{
"category": "self",
"summary": "SUSE Bug 1098599",
"url": "https://bugzilla.suse.com/1098599"
},
{
"category": "self",
"summary": "SUSE Bug 1099792",
"url": "https://bugzilla.suse.com/1099792"
},
{
"category": "self",
"summary": "SUSE Bug 1099811",
"url": "https://bugzilla.suse.com/1099811"
},
{
"category": "self",
"summary": "SUSE Bug 1099813",
"url": "https://bugzilla.suse.com/1099813"
},
{
"category": "self",
"summary": "SUSE Bug 1099844",
"url": "https://bugzilla.suse.com/1099844"
},
{
"category": "self",
"summary": "SUSE Bug 1099845",
"url": "https://bugzilla.suse.com/1099845"
},
{
"category": "self",
"summary": "SUSE Bug 1099846",
"url": "https://bugzilla.suse.com/1099846"
},
{
"category": "self",
"summary": "SUSE Bug 1099849",
"url": "https://bugzilla.suse.com/1099849"
},
{
"category": "self",
"summary": "SUSE Bug 1099858",
"url": "https://bugzilla.suse.com/1099858"
},
{
"category": "self",
"summary": "SUSE Bug 1099863",
"url": "https://bugzilla.suse.com/1099863"
},
{
"category": "self",
"summary": "SUSE Bug 1099864",
"url": "https://bugzilla.suse.com/1099864"
},
{
"category": "self",
"summary": "SUSE Bug 1100132",
"url": "https://bugzilla.suse.com/1100132"
},
{
"category": "self",
"summary": "SUSE Bug 1100843",
"url": "https://bugzilla.suse.com/1100843"
},
{
"category": "self",
"summary": "SUSE Bug 1100930",
"url": "https://bugzilla.suse.com/1100930"
},
{
"category": "self",
"summary": "SUSE Bug 1101296",
"url": "https://bugzilla.suse.com/1101296"
},
{
"category": "self",
"summary": "SUSE Bug 1101331",
"url": "https://bugzilla.suse.com/1101331"
},
{
"category": "self",
"summary": "SUSE Bug 1101658",
"url": "https://bugzilla.suse.com/1101658"
},
{
"category": "self",
"summary": "SUSE Bug 1101789",
"url": "https://bugzilla.suse.com/1101789"
},
{
"category": "self",
"summary": "SUSE Bug 1101822",
"url": "https://bugzilla.suse.com/1101822"
},
{
"category": "self",
"summary": "SUSE Bug 1101841",
"url": "https://bugzilla.suse.com/1101841"
},
{
"category": "self",
"summary": "SUSE Bug 1102188",
"url": "https://bugzilla.suse.com/1102188"
},
{
"category": "self",
"summary": "SUSE Bug 1102197",
"url": "https://bugzilla.suse.com/1102197"
},
{
"category": "self",
"summary": "SUSE Bug 1102203",
"url": "https://bugzilla.suse.com/1102203"
},
{
"category": "self",
"summary": "SUSE Bug 1102205",
"url": "https://bugzilla.suse.com/1102205"
},
{
"category": "self",
"summary": "SUSE Bug 1102207",
"url": "https://bugzilla.suse.com/1102207"
},
{
"category": "self",
"summary": "SUSE Bug 1102211",
"url": "https://bugzilla.suse.com/1102211"
},
{
"category": "self",
"summary": "SUSE Bug 1102214",
"url": "https://bugzilla.suse.com/1102214"
},
{
"category": "self",
"summary": "SUSE Bug 1102215",
"url": "https://bugzilla.suse.com/1102215"
},
{
"category": "self",
"summary": "SUSE Bug 1102340",
"url": "https://bugzilla.suse.com/1102340"
},
{
"category": "self",
"summary": "SUSE Bug 1102394",
"url": "https://bugzilla.suse.com/1102394"
},
{
"category": "self",
"summary": "SUSE Bug 1102683",
"url": "https://bugzilla.suse.com/1102683"
},
{
"category": "self",
"summary": "SUSE Bug 1102715",
"url": "https://bugzilla.suse.com/1102715"
},
{
"category": "self",
"summary": "SUSE Bug 1102797",
"url": "https://bugzilla.suse.com/1102797"
},
{
"category": "self",
"summary": "SUSE Bug 1102851",
"url": "https://bugzilla.suse.com/1102851"
},
{
"category": "self",
"summary": "SUSE Bug 1103097",
"url": "https://bugzilla.suse.com/1103097"
},
{
"category": "self",
"summary": "SUSE Bug 1103119",
"url": "https://bugzilla.suse.com/1103119"
},
{
"category": "self",
"summary": "SUSE Bug 1103269",
"url": "https://bugzilla.suse.com/1103269"
},
{
"category": "self",
"summary": "SUSE Bug 1103445",
"url": "https://bugzilla.suse.com/1103445"
},
{
"category": "self",
"summary": "SUSE Bug 1103580",
"url": "https://bugzilla.suse.com/1103580"
},
{
"category": "self",
"summary": "SUSE Bug 1103717",
"url": "https://bugzilla.suse.com/1103717"
},
{
"category": "self",
"summary": "SUSE Bug 1103745",
"url": "https://bugzilla.suse.com/1103745"
},
{
"category": "self",
"summary": "SUSE Bug 1103884",
"url": "https://bugzilla.suse.com/1103884"
},
{
"category": "self",
"summary": "SUSE Bug 1104174",
"url": "https://bugzilla.suse.com/1104174"
},
{
"category": "self",
"summary": "SUSE Bug 1104319",
"url": "https://bugzilla.suse.com/1104319"
},
{
"category": "self",
"summary": "SUSE Bug 1104365",
"url": "https://bugzilla.suse.com/1104365"
},
{
"category": "self",
"summary": "SUSE Bug 1104494",
"url": "https://bugzilla.suse.com/1104494"
},
{
"category": "self",
"summary": "SUSE Bug 1104495",
"url": "https://bugzilla.suse.com/1104495"
},
{
"category": "self",
"summary": "SUSE Bug 1104897",
"url": "https://bugzilla.suse.com/1104897"
},
{
"category": "self",
"summary": "SUSE Bug 1105292",
"url": "https://bugzilla.suse.com/1105292"
},
{
"category": "self",
"summary": "SUSE Bug 970506",
"url": "https://bugzilla.suse.com/970506"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-18344 page",
"url": "https://www.suse.com/security/cve/CVE-2017-18344/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-10876 page",
"url": "https://www.suse.com/security/cve/CVE-2018-10876/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-10877 page",
"url": "https://www.suse.com/security/cve/CVE-2018-10877/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-10878 page",
"url": "https://www.suse.com/security/cve/CVE-2018-10878/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-10879 page",
"url": "https://www.suse.com/security/cve/CVE-2018-10879/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-10880 page",
"url": "https://www.suse.com/security/cve/CVE-2018-10880/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-10881 page",
"url": "https://www.suse.com/security/cve/CVE-2018-10881/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-10882 page",
"url": "https://www.suse.com/security/cve/CVE-2018-10882/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-10883 page",
"url": "https://www.suse.com/security/cve/CVE-2018-10883/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14734 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14734/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3620 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3620/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3646 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3646/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-5390 page",
"url": "https://www.suse.com/security/cve/CVE-2018-5390/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-5391 page",
"url": "https://www.suse.com/security/cve/CVE-2018-5391/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-9363 page",
"url": "https://www.suse.com/security/cve/CVE-2018-9363/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2018-09-03T15:29:13Z",
"generator": {
"date": "2018-09-03T15:29:13Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:2596-1",
"initial_release_date": "2018-09-03T15:29:13Z",
"revision_history": [
{
"date": "2018-09-03T15:29:13Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-4.4.147-3.20.1.noarch",
"product": {
"name": "kernel-devel-rt-4.4.147-3.20.1.noarch",
"product_id": "kernel-devel-rt-4.4.147-3.20.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-4.4.147-3.20.1.noarch",
"product": {
"name": "kernel-source-rt-4.4.147-3.20.1.noarch",
"product_id": "kernel-source-rt-4.4.147-3.20.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-rt-4.4.147-3.20.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt-4.4.147-3.20.1.x86_64",
"product_id": "cluster-md-kmp-rt-4.4.147-3.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt-4.4.147-3.20.1.x86_64",
"product": {
"name": "dlm-kmp-rt-4.4.147-3.20.1.x86_64",
"product_id": "dlm-kmp-rt-4.4.147-3.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"product": {
"name": "gfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"product_id": "gfs2-kmp-rt-4.4.147-3.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-4.4.147-3.20.1.x86_64",
"product": {
"name": "kernel-rt-4.4.147-3.20.1.x86_64",
"product_id": "kernel-rt-4.4.147-3.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-base-4.4.147-3.20.1.x86_64",
"product": {
"name": "kernel-rt-base-4.4.147-3.20.1.x86_64",
"product_id": "kernel-rt-base-4.4.147-3.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-4.4.147-3.20.1.x86_64",
"product": {
"name": "kernel-rt-devel-4.4.147-3.20.1.x86_64",
"product_id": "kernel-rt-devel-4.4.147-3.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-devel-4.4.147-3.20.1.x86_64",
"product": {
"name": "kernel-rt_debug-devel-4.4.147-3.20.1.x86_64",
"product_id": "kernel-rt_debug-devel-4.4.147-3.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-rt-4.4.147-3.20.1.x86_64",
"product": {
"name": "kernel-syms-rt-4.4.147-3.20.1.x86_64",
"product_id": "kernel-syms-rt-4.4.147-3.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"product_id": "ocfs2-kmp-rt-4.4.147-3.20.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Real Time 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-linux-enterprise-rt:12:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-rt-4.4.147-3.20.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64"
},
"product_reference": "cluster-md-kmp-rt-4.4.147-3.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-rt-4.4.147-3.20.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64"
},
"product_reference": "dlm-kmp-rt-4.4.147-3.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-rt-4.4.147-3.20.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64"
},
"product_reference": "gfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-4.4.147-3.20.1.noarch as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch"
},
"product_reference": "kernel-devel-rt-4.4.147-3.20.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-4.4.147-3.20.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64"
},
"product_reference": "kernel-rt-4.4.147-3.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-base-4.4.147-3.20.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64"
},
"product_reference": "kernel-rt-base-4.4.147-3.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-4.4.147-3.20.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64"
},
"product_reference": "kernel-rt-devel-4.4.147-3.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-devel-4.4.147-3.20.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64"
},
"product_reference": "kernel-rt_debug-devel-4.4.147-3.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-4.4.147-3.20.1.noarch as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch"
},
"product_reference": "kernel-source-rt-4.4.147-3.20.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-rt-4.4.147-3.20.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64"
},
"product_reference": "kernel-syms-rt-4.4.147-3.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-rt-4.4.147-3.20.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64"
},
"product_reference": "ocfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-18344",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-18344"
}
],
"notes": [
{
"category": "general",
"text": "The timer_create syscall implementation in kernel/time/posix-timers.c in the Linux kernel before 4.14.8 doesn\u0027t properly validate the sigevent-\u003esigev_notify field, which leads to out-of-bounds access in the show_timer function (called when /proc/$PID/timers is read). This allows userspace applications to read arbitrary kernel memory (on a kernel built with CONFIG_POSIX_TIMERS and CONFIG_CHECKPOINT_RESTORE).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-18344",
"url": "https://www.suse.com/security/cve/CVE-2017-18344"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2017-18344",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1102851 for CVE-2017-18344",
"url": "https://bugzilla.suse.com/1102851"
},
{
"category": "external",
"summary": "SUSE Bug 1103203 for CVE-2017-18344",
"url": "https://bugzilla.suse.com/1103203"
},
{
"category": "external",
"summary": "SUSE Bug 1103580 for CVE-2017-18344",
"url": "https://bugzilla.suse.com/1103580"
},
{
"category": "external",
"summary": "SUSE Bug 1215674 for CVE-2017-18344",
"url": "https://bugzilla.suse.com/1215674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-09-03T15:29:13Z",
"details": "moderate"
}
],
"title": "CVE-2017-18344"
},
{
"cve": "CVE-2018-10876",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-10876"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in Linux kernel in the ext4 filesystem code. A use-after-free is possible in ext4_ext_remove_space() function when mounting and operating a crafted ext4 image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-10876",
"url": "https://www.suse.com/security/cve/CVE-2018-10876"
},
{
"category": "external",
"summary": "SUSE Bug 1099811 for CVE-2018-10876",
"url": "https://bugzilla.suse.com/1099811"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-09-03T15:29:13Z",
"details": "moderate"
}
],
"title": "CVE-2018-10876"
},
{
"cve": "CVE-2018-10877",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-10877"
}
],
"notes": [
{
"category": "general",
"text": "Linux kernel ext4 filesystem is vulnerable to an out-of-bound access in the ext4_ext_drop_refs() function when operating on a crafted ext4 filesystem image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-10877",
"url": "https://www.suse.com/security/cve/CVE-2018-10877"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-10877",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1099846 for CVE-2018-10877",
"url": "https://bugzilla.suse.com/1099846"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-09-03T15:29:13Z",
"details": "moderate"
}
],
"title": "CVE-2018-10877"
},
{
"cve": "CVE-2018-10878",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-10878"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s ext4 filesystem. A local user can cause an out-of-bounds write and a denial of service or unspecified other impact is possible by mounting and operating a crafted ext4 filesystem image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-10878",
"url": "https://www.suse.com/security/cve/CVE-2018-10878"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-10878",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1099813 for CVE-2018-10878",
"url": "https://bugzilla.suse.com/1099813"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-09-03T15:29:13Z",
"details": "moderate"
}
],
"title": "CVE-2018-10878"
},
{
"cve": "CVE-2018-10879",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-10879"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s ext4 filesystem. A local user can cause a use-after-free in ext4_xattr_set_entry function and a denial of service or unspecified other impact may occur by renaming a file in a crafted ext4 filesystem image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-10879",
"url": "https://www.suse.com/security/cve/CVE-2018-10879"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-10879",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1099844 for CVE-2018-10879",
"url": "https://bugzilla.suse.com/1099844"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-09-03T15:29:13Z",
"details": "moderate"
}
],
"title": "CVE-2018-10879"
},
{
"cve": "CVE-2018-10880",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-10880"
}
],
"notes": [
{
"category": "general",
"text": "Linux kernel is vulnerable to a stack-out-of-bounds write in the ext4 filesystem code when mounting and writing to a crafted ext4 image in ext4_update_inline_data(). An attacker could use this to cause a system crash and a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-10880",
"url": "https://www.suse.com/security/cve/CVE-2018-10880"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-10880",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1099845 for CVE-2018-10880",
"url": "https://bugzilla.suse.com/1099845"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-09-03T15:29:13Z",
"details": "moderate"
}
],
"title": "CVE-2018-10880"
},
{
"cve": "CVE-2018-10881",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-10881"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s ext4 filesystem. A local user can cause an out-of-bound access in ext4_get_group_info function, a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-10881",
"url": "https://www.suse.com/security/cve/CVE-2018-10881"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-10881",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1099864 for CVE-2018-10881",
"url": "https://bugzilla.suse.com/1099864"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-09-03T15:29:13Z",
"details": "moderate"
}
],
"title": "CVE-2018-10881"
},
{
"cve": "CVE-2018-10882",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-10882"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s ext4 filesystem. A local user can cause an out-of-bound write in in fs/jbd2/transaction.c code, a denial of service, and a system crash by unmounting a crafted ext4 filesystem image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-10882",
"url": "https://www.suse.com/security/cve/CVE-2018-10882"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-10882",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1099849 for CVE-2018-10882",
"url": "https://bugzilla.suse.com/1099849"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-09-03T15:29:13Z",
"details": "moderate"
}
],
"title": "CVE-2018-10882"
},
{
"cve": "CVE-2018-10883",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-10883"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s ext4 filesystem. A local user can cause an out-of-bounds write in jbd2_journal_dirty_metadata(), a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-10883",
"url": "https://www.suse.com/security/cve/CVE-2018-10883"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-10883",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1099863 for CVE-2018-10883",
"url": "https://bugzilla.suse.com/1099863"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-09-03T15:29:13Z",
"details": "moderate"
}
],
"title": "CVE-2018-10883"
},
{
"cve": "CVE-2018-14734",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14734"
}
],
"notes": [
{
"category": "general",
"text": "drivers/infiniband/core/ucma.c in the Linux kernel through 4.17.11 allows ucma_leave_multicast to access a certain data structure after a cleanup step in ucma_process_join, which allows attackers to cause a denial of service (use-after-free).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14734",
"url": "https://www.suse.com/security/cve/CVE-2018-14734"
},
{
"category": "external",
"summary": "SUSE Bug 1103119 for CVE-2018-14734",
"url": "https://bugzilla.suse.com/1103119"
},
{
"category": "external",
"summary": "SUSE Bug 1131390 for CVE-2018-14734",
"url": "https://bugzilla.suse.com/1131390"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-09-03T15:29:13Z",
"details": "low"
}
],
"title": "CVE-2018-14734"
},
{
"cve": "CVE-2018-3620",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3620"
}
],
"notes": [
{
"category": "general",
"text": "Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3620",
"url": "https://www.suse.com/security/cve/CVE-2018-3620"
},
{
"category": "external",
"summary": "SUSE Bug 1087078 for CVE-2018-3620",
"url": "https://bugzilla.suse.com/1087078"
},
{
"category": "external",
"summary": "SUSE Bug 1087081 for CVE-2018-3620",
"url": "https://bugzilla.suse.com/1087081"
},
{
"category": "external",
"summary": "SUSE Bug 1089343 for CVE-2018-3620",
"url": "https://bugzilla.suse.com/1089343"
},
{
"category": "external",
"summary": "SUSE Bug 1090340 for CVE-2018-3620",
"url": "https://bugzilla.suse.com/1090340"
},
{
"category": "external",
"summary": "SUSE Bug 1091107 for CVE-2018-3620",
"url": "https://bugzilla.suse.com/1091107"
},
{
"category": "external",
"summary": "SUSE Bug 1099306 for CVE-2018-3620",
"url": "https://bugzilla.suse.com/1099306"
},
{
"category": "external",
"summary": "SUSE Bug 1104894 for CVE-2018-3620",
"url": "https://bugzilla.suse.com/1104894"
},
{
"category": "external",
"summary": "SUSE Bug 1136865 for CVE-2018-3620",
"url": "https://bugzilla.suse.com/1136865"
},
{
"category": "external",
"summary": "SUSE Bug 1201877 for CVE-2018-3620",
"url": "https://bugzilla.suse.com/1201877"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-09-03T15:29:13Z",
"details": "moderate"
}
],
"title": "CVE-2018-3620"
},
{
"cve": "CVE-2018-3646",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3646"
}
],
"notes": [
{
"category": "general",
"text": "Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3646",
"url": "https://www.suse.com/security/cve/CVE-2018-3646"
},
{
"category": "external",
"summary": "SUSE Bug 1087078 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1087078"
},
{
"category": "external",
"summary": "SUSE Bug 1087081 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1087081"
},
{
"category": "external",
"summary": "SUSE Bug 1089343 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1089343"
},
{
"category": "external",
"summary": "SUSE Bug 1091107 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1091107"
},
{
"category": "external",
"summary": "SUSE Bug 1099306 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1099306"
},
{
"category": "external",
"summary": "SUSE Bug 1104365 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1104365"
},
{
"category": "external",
"summary": "SUSE Bug 1104894 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1104894"
},
{
"category": "external",
"summary": "SUSE Bug 1106548 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1106548"
},
{
"category": "external",
"summary": "SUSE Bug 1113534 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1113534"
},
{
"category": "external",
"summary": "SUSE Bug 1136865 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1136865"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1178658"
},
{
"category": "external",
"summary": "SUSE Bug 1201877 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1201877"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-09-03T15:29:13Z",
"details": "important"
}
],
"title": "CVE-2018-3646"
},
{
"cve": "CVE-2018-5390",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-5390"
}
],
"notes": [
{
"category": "general",
"text": "Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-5390",
"url": "https://www.suse.com/security/cve/CVE-2018-5390"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-5390",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1102340 for CVE-2018-5390",
"url": "https://bugzilla.suse.com/1102340"
},
{
"category": "external",
"summary": "SUSE Bug 1102682 for CVE-2018-5390",
"url": "https://bugzilla.suse.com/1102682"
},
{
"category": "external",
"summary": "SUSE Bug 1103097 for CVE-2018-5390",
"url": "https://bugzilla.suse.com/1103097"
},
{
"category": "external",
"summary": "SUSE Bug 1103098 for CVE-2018-5390",
"url": "https://bugzilla.suse.com/1103098"
},
{
"category": "external",
"summary": "SUSE Bug 1156434 for CVE-2018-5390",
"url": "https://bugzilla.suse.com/1156434"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-09-03T15:29:13Z",
"details": "moderate"
}
],
"title": "CVE-2018-5390"
},
{
"cve": "CVE-2018-5391",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-5391"
}
],
"notes": [
{
"category": "general",
"text": "The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-5391",
"url": "https://www.suse.com/security/cve/CVE-2018-5391"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-5391",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1102340 for CVE-2018-5391",
"url": "https://bugzilla.suse.com/1102340"
},
{
"category": "external",
"summary": "SUSE Bug 1103097 for CVE-2018-5391",
"url": "https://bugzilla.suse.com/1103097"
},
{
"category": "external",
"summary": "SUSE Bug 1103098 for CVE-2018-5391",
"url": "https://bugzilla.suse.com/1103098"
},
{
"category": "external",
"summary": "SUSE Bug 1108654 for CVE-2018-5391",
"url": "https://bugzilla.suse.com/1108654"
},
{
"category": "external",
"summary": "SUSE Bug 1114071 for CVE-2018-5391",
"url": "https://bugzilla.suse.com/1114071"
},
{
"category": "external",
"summary": "SUSE Bug 1121102 for CVE-2018-5391",
"url": "https://bugzilla.suse.com/1121102"
},
{
"category": "external",
"summary": "SUSE Bug 1134140 for CVE-2018-5391",
"url": "https://bugzilla.suse.com/1134140"
},
{
"category": "external",
"summary": "SUSE Bug 1181460 for CVE-2018-5391",
"url": "https://bugzilla.suse.com/1181460"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-09-03T15:29:13Z",
"details": "moderate"
}
],
"title": "CVE-2018-5391"
},
{
"cve": "CVE-2018-9363",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-9363"
}
],
"notes": [
{
"category": "general",
"text": "In the hidp_process_report in bluetooth, there is an integer overflow. This could lead to an out of bounds write with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-65853588 References: Upstream kernel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-9363",
"url": "https://www.suse.com/security/cve/CVE-2018-9363"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-9363",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1105292 for CVE-2018-9363",
"url": "https://bugzilla.suse.com/1105292"
},
{
"category": "external",
"summary": "SUSE Bug 1105293 for CVE-2018-9363",
"url": "https://bugzilla.suse.com/1105293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.147-3.20.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.147-3.20.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.147-3.20.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-09-03T15:29:13Z",
"details": "important"
}
],
"title": "CVE-2018-9363"
}
]
}
SUSE-SU-2018:2637-1
Vulnerability from csaf_suse - Published: 2018-09-06 13:01 - Updated: 2018-09-06 13:01Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch:
The SUSE Linux Enterprise 11 SP4 RT kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2016-8405: An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. (bnc#1099942).
- CVE-2017-13305: A information disclosure vulnerability was fixed in the encrypted-keys handling. (bnc#1094353).
- CVE-2018-1000204: A malformed SG_IO ioctl issued for a SCSI device lead to a local kernel data leak manifesting in up to approximately 1000 memory pages copied to the userspace. The problem has limited scope as non-privileged users usually have no permissions to access SCSI device files. (bnc#1096728).
- CVE-2018-1068: A flaw was found in the implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory (bnc#1085107).
- CVE-2018-1130: Linux kernel was vulnerable to a null pointer dereference in dccp_write_xmit() function in net/dccp/output.c in that allowed a local user to cause a denial of service by a number of certain crafted system calls (bnc#1092904).
- CVE-2018-12233: In the ea_get function in fs/jfs/xattr.c a memory corruption bug in JFS could be triggered by calling setxattr twice with two different extended attribute names on the same file. This vulnerability can be triggered by an unprivileged user with the ability to create files and execute programs. A kmalloc call is incorrect, leading to slab-out-of-bounds in jfs_xattr (bnc#1097234).
- CVE-2018-13053: The alarm_timer_nsleep function in kernel/time/alarmtimer.c had an integer overflow via a large relative timeout because ktime_add_safe is not used (bnc#1099924).
- CVE-2018-13406: An integer overflow in the uvesafb_setcmap function in drivers/video/fbdev/uvesafb.c could result in local attackers being able to crash the kernel or potentially elevate privileges because kmalloc_array is not used (bnc#1098016 bnc#1100418).
- CVE-2018-3620: Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis (bnc#1087081).
- CVE-2018-3646: Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis (bnc#1089343 bnc#1104365).
- CVE-2018-5803: An error in the '_sctp_make_chunk()' function (net/sctp/sm_make_chunk.c) when handling SCTP packets length could be exploited to cause a kernel crash (bnc#1083900).
- CVE-2018-5814: Multiple race condition errors when handling probe, disconnect, and rebind operations can be exploited to trigger a use-after-free condition or a NULL pointer dereference by sending multiple USB over IP packets (bnc#1096480).
- CVE-2018-7492: A NULL pointer dereference was found in the net/rds/rdma.c __rds_rdma_map() function allowed local attackers to cause a system panic and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST (bnc#1082962).
The following non-security bugs were fixed:
- usb: add USB_DEVICE_INTERFACE_CLASS macro (bsc#1047487).
- usb: hub: fix non-SS hub-descriptor handling (bsc#1047487).
- usb: kobil_sct: fix non-atomic allocation in write path (bsc#1015828).
- usb: serial: ftdi_sio: fix latency-timer error handling (bsc#1037441).
- usb: serial: io_edgeport: fix NULL-deref at open (bsc#1015828).
- usb: serial: io_edgeport: fix possible sleep-in-atomic (bsc#1037441).
- usb: serial: keyspan_pda: fix modem-status error handling (bsc#1100132).
- usb: visor: Match I330 phone more precisely (bsc#1047487).
- cpu/hotplug: Add sysfs state interface (bsc#1089343).
- cpu/hotplug: Provide knobs to control SMT (bsc#1089343).
- cpu/hotplug: Provide knobs to control SMT (bsc#1089343).
- cpu/hotplug: Split do_cpu_down() (bsc#1089343).
- disable prot_none native mitigation (bnc#1104684)
- drm/i915: fix use-after-free in page_flip_completed() (bsc#1103909).
- drm: re-enable error handling (bsc#1103884)
- efivarfs: maintain the efivarfs interfaces when sysfs be created and removed (bsc#1097125).
- fix pgd underflow (bnc#1104475) custom walk_page_range rework was incorrect and could underflow pgd if the given range was below a first vma.
- kthread, tracing: Do not expose half-written comm when creating kthreads (Git-fixes).
- nvme: add device id's with intel stripe quirk (bsc#1097562).
- perf/core: Fix group scheduling with mixed hw and sw events (Git-fixes).
- perf/x86/intel: Handle Broadwell family processors (bsc#1093183).
- s390/qeth: fix IPA command submission race (bnc#1099709, LTC#169004).
- scsi: zfcp: fix infinite iteration on ERP ready list (bnc#1102087, LTC#168038).
- scsi: zfcp: fix misleading REC trigger trace where erp_action setup failed (bnc#1102087, LTC#168765).
- scsi: zfcp: fix missing REC trigger trace for all objects in ERP_FAILED (bnc#1102087, LTC#168765).
- scsi: zfcp: fix missing REC trigger trace on enqueue without ERP thread (bnc#1102087, LTC#168765).
- scsi: zfcp: fix missing REC trigger trace on terminate_rport_io early return (bnc#1102087, LTC#168765).
- scsi: zfcp: fix missing REC trigger trace on terminate_rport_io for ERP_FAILED (bnc#1102087, LTC#168765).
- scsi: zfcp: fix missing SCSI trace for result of eh_host_reset_handler (bnc#1102087, LTC#168765).
- scsi: zfcp: fix missing SCSI trace for retry of abort / scsi_eh TMF (bnc#1102087, LTC#168765).
- series.conf: Remove trailing whitespaces
- slab: introduce kmalloc_array() (bsc#909361).
- smsc75xx: Add workaround for gigabit link up hardware errata (bsc#1100132).
- x64/entry: move ENABLE_IBRS after switching from trampoline stack (bsc#1098658).
- x86/CPU/AMD: Do not check CPUID max ext level before parsing SMP info (bsc#1089343).
- x86/CPU/AMD: Move TOPOEXT reenablement before reading smp_num_siblings (bsc#1089343).
- x86/apic: Ignore secondary threads if nosmt=force (bsc#1089343).
- x86/cpu/AMD: Evaluate smp_num_siblings early (bsc#1089343).
- x86/cpu/AMD: Evaluate smp_num_siblings early (bsc#1089343).
- x86/cpu/AMD: Remove the pointless detect_ht() call (bsc#1089343).
- x86/cpu/common: Provide detect_ht_early() (bsc#1089343).
- x86/cpu/intel: Evaluate smp_num_siblings early (bsc#1089343).
- x86/cpu/topology: Provide detect_extended_topology_early() (bsc#1089343).
- x86/cpu: Remove the pointless CPU printout (bsc#1089343).
- x86/fpu: fix signal handling with eager FPU switching (bsc#1100091).
- x86/mm: Simplify p[g4um]d_page() macros (bnc#1087081, bnc#1104684).
- x86/smp: Provide topology_is_primary_thread() (bsc#1089343).
- x86/smpboot: Do not use smp_num_siblings in __max_logical_packages calculation (bsc#1089343).
- x86/topology: Add topology_max_smt_threads() (bsc#1089343).
- x86/topology: Provide topology_smt_supported() (bsc#1089343).
- x86/traps: Fix bad_iret_stack in fixup_bad_iret() (bsc#1098658).
- x86/traps: add missing kernel CR3 switch in bad_iret path (bsc#1098658).
- xen/x86/cpu/common: Provide detect_ht_early() (bsc#1089343).
- xen/x86/cpu/topology: Provide detect_extended_topology_early() (bsc#1089343).
- xen/x86/cpu: Remove the pointless CPU printout (bsc#1089343).
- xhci: xhci-mem: off by one in xhci_stream_id_to_ring() (bsc#1100132).
Patchnames: slertesp4-kernel-rt-20180827-13770
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
4.7 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.4 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.5 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
4.4 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
5.5 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.6 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.6 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.5 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
5.3 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
107 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\n\nThe SUSE Linux Enterprise 11 SP4 RT kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2016-8405: An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. (bnc#1099942).\n- CVE-2017-13305: A information disclosure vulnerability was fixed in the encrypted-keys handling. (bnc#1094353).\n- CVE-2018-1000204: A malformed SG_IO ioctl issued for a SCSI device lead to a local kernel data leak manifesting in up to approximately 1000 memory pages copied to the userspace. The problem has limited scope as non-privileged users usually have no permissions to access SCSI device files. (bnc#1096728).\n- CVE-2018-1068: A flaw was found in the implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory (bnc#1085107).\n- CVE-2018-1130: Linux kernel was vulnerable to a null pointer dereference in dccp_write_xmit() function in net/dccp/output.c in that allowed a local user to cause a denial of service by a number of certain crafted system calls (bnc#1092904).\n- CVE-2018-12233: In the ea_get function in fs/jfs/xattr.c a memory corruption bug in JFS could be triggered by calling setxattr twice with two different extended attribute names on the same file. This vulnerability can be triggered by an unprivileged user with the ability to create files and execute programs. A kmalloc call is incorrect, leading to slab-out-of-bounds in jfs_xattr (bnc#1097234).\n- CVE-2018-13053: The alarm_timer_nsleep function in kernel/time/alarmtimer.c had an integer overflow via a large relative timeout because ktime_add_safe is not used (bnc#1099924).\n- CVE-2018-13406: An integer overflow in the uvesafb_setcmap function in drivers/video/fbdev/uvesafb.c could result in local attackers being able to crash the kernel or potentially elevate privileges because kmalloc_array is not used (bnc#1098016 bnc#1100418).\n- CVE-2018-3620: Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis (bnc#1087081).\n- CVE-2018-3646: Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis (bnc#1089343 bnc#1104365).\n- CVE-2018-5803: An error in the \u0027_sctp_make_chunk()\u0027 function (net/sctp/sm_make_chunk.c) when handling SCTP packets length could be exploited to cause a kernel crash (bnc#1083900).\n- CVE-2018-5814: Multiple race condition errors when handling probe, disconnect, and rebind operations can be exploited to trigger a use-after-free condition or a NULL pointer dereference by sending multiple USB over IP packets (bnc#1096480).\n- CVE-2018-7492: A NULL pointer dereference was found in the net/rds/rdma.c __rds_rdma_map() function allowed local attackers to cause a system panic and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST (bnc#1082962).\n\nThe following non-security bugs were fixed:\n\n- usb: add USB_DEVICE_INTERFACE_CLASS macro (bsc#1047487).\n- usb: hub: fix non-SS hub-descriptor handling (bsc#1047487).\n- usb: kobil_sct: fix non-atomic allocation in write path (bsc#1015828).\n- usb: serial: ftdi_sio: fix latency-timer error handling (bsc#1037441).\n- usb: serial: io_edgeport: fix NULL-deref at open (bsc#1015828).\n- usb: serial: io_edgeport: fix possible sleep-in-atomic (bsc#1037441).\n- usb: serial: keyspan_pda: fix modem-status error handling (bsc#1100132).\n- usb: visor: Match I330 phone more precisely (bsc#1047487).\n- cpu/hotplug: Add sysfs state interface (bsc#1089343).\n- cpu/hotplug: Provide knobs to control SMT (bsc#1089343).\n- cpu/hotplug: Provide knobs to control SMT (bsc#1089343).\n- cpu/hotplug: Split do_cpu_down() (bsc#1089343).\n- disable prot_none native mitigation (bnc#1104684)\n- drm/i915: fix use-after-free in page_flip_completed() (bsc#1103909).\n- drm: re-enable error handling (bsc#1103884)\n- efivarfs: maintain the efivarfs interfaces when sysfs be created and removed (bsc#1097125).\n- fix pgd underflow (bnc#1104475) custom walk_page_range rework was incorrect and could underflow pgd if the given range was below a first vma.\n- kthread, tracing: Do not expose half-written comm when creating kthreads (Git-fixes).\n- nvme: add device id\u0027s with intel stripe quirk (bsc#1097562).\n- perf/core: Fix group scheduling with mixed hw and sw events (Git-fixes).\n- perf/x86/intel: Handle Broadwell family processors (bsc#1093183).\n- s390/qeth: fix IPA command submission race (bnc#1099709, LTC#169004).\n- scsi: zfcp: fix infinite iteration on ERP ready list (bnc#1102087, LTC#168038).\n- scsi: zfcp: fix misleading REC trigger trace where erp_action setup failed (bnc#1102087, LTC#168765).\n- scsi: zfcp: fix missing REC trigger trace for all objects in ERP_FAILED (bnc#1102087, LTC#168765).\n- scsi: zfcp: fix missing REC trigger trace on enqueue without ERP thread (bnc#1102087, LTC#168765).\n- scsi: zfcp: fix missing REC trigger trace on terminate_rport_io early return (bnc#1102087, LTC#168765).\n- scsi: zfcp: fix missing REC trigger trace on terminate_rport_io for ERP_FAILED (bnc#1102087, LTC#168765).\n- scsi: zfcp: fix missing SCSI trace for result of eh_host_reset_handler (bnc#1102087, LTC#168765).\n- scsi: zfcp: fix missing SCSI trace for retry of abort / scsi_eh TMF (bnc#1102087, LTC#168765).\n- series.conf: Remove trailing whitespaces\n- slab: introduce kmalloc_array() (bsc#909361).\n- smsc75xx: Add workaround for gigabit link up hardware errata (bsc#1100132).\n- x64/entry: move ENABLE_IBRS after switching from trampoline stack (bsc#1098658).\n- x86/CPU/AMD: Do not check CPUID max ext level before parsing SMP info (bsc#1089343).\n- x86/CPU/AMD: Move TOPOEXT reenablement before reading smp_num_siblings (bsc#1089343).\n- x86/apic: Ignore secondary threads if nosmt=force (bsc#1089343).\n- x86/cpu/AMD: Evaluate smp_num_siblings early (bsc#1089343).\n- x86/cpu/AMD: Evaluate smp_num_siblings early (bsc#1089343).\n- x86/cpu/AMD: Remove the pointless detect_ht() call (bsc#1089343).\n- x86/cpu/common: Provide detect_ht_early() (bsc#1089343).\n- x86/cpu/intel: Evaluate smp_num_siblings early (bsc#1089343).\n- x86/cpu/topology: Provide detect_extended_topology_early() (bsc#1089343).\n- x86/cpu: Remove the pointless CPU printout (bsc#1089343).\n- x86/fpu: fix signal handling with eager FPU switching (bsc#1100091).\n- x86/mm: Simplify p[g4um]d_page() macros (bnc#1087081, bnc#1104684).\n- x86/smp: Provide topology_is_primary_thread() (bsc#1089343).\n- x86/smpboot: Do not use smp_num_siblings in __max_logical_packages calculation (bsc#1089343).\n- x86/topology: Add topology_max_smt_threads() (bsc#1089343).\n- x86/topology: Provide topology_smt_supported() (bsc#1089343).\n- x86/traps: Fix bad_iret_stack in fixup_bad_iret() (bsc#1098658).\n- x86/traps: add missing kernel CR3 switch in bad_iret path (bsc#1098658).\n- xen/x86/cpu/common: Provide detect_ht_early() (bsc#1089343).\n- xen/x86/cpu/topology: Provide detect_extended_topology_early() (bsc#1089343).\n- xen/x86/cpu: Remove the pointless CPU printout (bsc#1089343).\n- xhci: xhci-mem: off by one in xhci_stream_id_to_ring() (bsc#1100132).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "slertesp4-kernel-rt-20180827-13770",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_2637-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:2637-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182637-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:2637-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-September/004537.html"
},
{
"category": "self",
"summary": "SUSE Bug 1015828",
"url": "https://bugzilla.suse.com/1015828"
},
{
"category": "self",
"summary": "SUSE Bug 1037441",
"url": "https://bugzilla.suse.com/1037441"
},
{
"category": "self",
"summary": "SUSE Bug 1047487",
"url": "https://bugzilla.suse.com/1047487"
},
{
"category": "self",
"summary": "SUSE Bug 1082962",
"url": "https://bugzilla.suse.com/1082962"
},
{
"category": "self",
"summary": "SUSE Bug 1083900",
"url": "https://bugzilla.suse.com/1083900"
},
{
"category": "self",
"summary": "SUSE Bug 1085107",
"url": "https://bugzilla.suse.com/1085107"
},
{
"category": "self",
"summary": "SUSE Bug 1087081",
"url": "https://bugzilla.suse.com/1087081"
},
{
"category": "self",
"summary": "SUSE Bug 1089343",
"url": "https://bugzilla.suse.com/1089343"
},
{
"category": "self",
"summary": "SUSE Bug 1092904",
"url": "https://bugzilla.suse.com/1092904"
},
{
"category": "self",
"summary": "SUSE Bug 1093183",
"url": "https://bugzilla.suse.com/1093183"
},
{
"category": "self",
"summary": "SUSE Bug 1094353",
"url": "https://bugzilla.suse.com/1094353"
},
{
"category": "self",
"summary": "SUSE Bug 1096480",
"url": "https://bugzilla.suse.com/1096480"
},
{
"category": "self",
"summary": "SUSE Bug 1096728",
"url": "https://bugzilla.suse.com/1096728"
},
{
"category": "self",
"summary": "SUSE Bug 1097125",
"url": "https://bugzilla.suse.com/1097125"
},
{
"category": "self",
"summary": "SUSE Bug 1097234",
"url": "https://bugzilla.suse.com/1097234"
},
{
"category": "self",
"summary": "SUSE Bug 1097562",
"url": "https://bugzilla.suse.com/1097562"
},
{
"category": "self",
"summary": "SUSE Bug 1098016",
"url": "https://bugzilla.suse.com/1098016"
},
{
"category": "self",
"summary": "SUSE Bug 1098658",
"url": "https://bugzilla.suse.com/1098658"
},
{
"category": "self",
"summary": "SUSE Bug 1099709",
"url": "https://bugzilla.suse.com/1099709"
},
{
"category": "self",
"summary": "SUSE Bug 1099924",
"url": "https://bugzilla.suse.com/1099924"
},
{
"category": "self",
"summary": "SUSE Bug 1099942",
"url": "https://bugzilla.suse.com/1099942"
},
{
"category": "self",
"summary": "SUSE Bug 1100091",
"url": "https://bugzilla.suse.com/1100091"
},
{
"category": "self",
"summary": "SUSE Bug 1100132",
"url": "https://bugzilla.suse.com/1100132"
},
{
"category": "self",
"summary": "SUSE Bug 1100418",
"url": "https://bugzilla.suse.com/1100418"
},
{
"category": "self",
"summary": "SUSE Bug 1102087",
"url": "https://bugzilla.suse.com/1102087"
},
{
"category": "self",
"summary": "SUSE Bug 1103884",
"url": "https://bugzilla.suse.com/1103884"
},
{
"category": "self",
"summary": "SUSE Bug 1103909",
"url": "https://bugzilla.suse.com/1103909"
},
{
"category": "self",
"summary": "SUSE Bug 1104365",
"url": "https://bugzilla.suse.com/1104365"
},
{
"category": "self",
"summary": "SUSE Bug 1104475",
"url": "https://bugzilla.suse.com/1104475"
},
{
"category": "self",
"summary": "SUSE Bug 1104684",
"url": "https://bugzilla.suse.com/1104684"
},
{
"category": "self",
"summary": "SUSE Bug 909361",
"url": "https://bugzilla.suse.com/909361"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-8405 page",
"url": "https://www.suse.com/security/cve/CVE-2016-8405/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13305 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13305/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1000204 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1000204/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1068 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1068/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1130 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1130/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-12233 page",
"url": "https://www.suse.com/security/cve/CVE-2018-12233/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-13053 page",
"url": "https://www.suse.com/security/cve/CVE-2018-13053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-13406 page",
"url": "https://www.suse.com/security/cve/CVE-2018-13406/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3620 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3620/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3646 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3646/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-5803 page",
"url": "https://www.suse.com/security/cve/CVE-2018-5803/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-5814 page",
"url": "https://www.suse.com/security/cve/CVE-2018-5814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-7492 page",
"url": "https://www.suse.com/security/cve/CVE-2018-7492/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2018-09-06T13:01:35Z",
"generator": {
"date": "2018-09-06T13:01:35Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:2637-1",
"initial_release_date": "2018-09-06T13:01:35Z",
"revision_history": [
{
"date": "2018-09-06T13:01:35Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-3.0.101.rt130-69.33.1.x86_64",
"product": {
"name": "kernel-rt-3.0.101.rt130-69.33.1.x86_64",
"product_id": "kernel-rt-3.0.101.rt130-69.33.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-base-3.0.101.rt130-69.33.1.x86_64",
"product": {
"name": "kernel-rt-base-3.0.101.rt130-69.33.1.x86_64",
"product_id": "kernel-rt-base-3.0.101.rt130-69.33.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64",
"product": {
"name": "kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64",
"product_id": "kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64",
"product": {
"name": "kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64",
"product_id": "kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64",
"product": {
"name": "kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64",
"product_id": "kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64",
"product": {
"name": "kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64",
"product_id": "kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-3.0.101.rt130-69.33.1.x86_64",
"product": {
"name": "kernel-source-rt-3.0.101.rt130-69.33.1.x86_64",
"product_id": "kernel-source-rt-3.0.101.rt130-69.33.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64",
"product": {
"name": "kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64",
"product_id": "kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Real Time 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Real Time 11 SP4",
"product_id": "SUSE Linux Enterprise Real Time 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/a:suse:suse-linux-enterprise-rt:11:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-3.0.101.rt130-69.33.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
"product_id": "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64"
},
"product_reference": "kernel-rt-3.0.101.rt130-69.33.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-base-3.0.101.rt130-69.33.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
"product_id": "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64"
},
"product_reference": "kernel-rt-base-3.0.101.rt130-69.33.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
"product_id": "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64"
},
"product_reference": "kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
"product_id": "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64"
},
"product_reference": "kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
"product_id": "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64"
},
"product_reference": "kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
"product_id": "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64"
},
"product_reference": "kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-3.0.101.rt130-69.33.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
"product_id": "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64"
},
"product_reference": "kernel-source-rt-3.0.101.rt130-69.33.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
"product_id": "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64"
},
"product_reference": "kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 11 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-8405",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-8405"
}
],
"notes": [
{
"category": "general",
"text": "An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31651010.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-8405",
"url": "https://www.suse.com/security/cve/CVE-2016-8405"
},
{
"category": "external",
"summary": "SUSE Bug 1099942 for CVE-2016-8405",
"url": "https://bugzilla.suse.com/1099942"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-09-06T13:01:35Z",
"details": "moderate"
}
],
"title": "CVE-2016-8405"
},
{
"cve": "CVE-2017-13305",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13305"
}
],
"notes": [
{
"category": "general",
"text": "A information disclosure vulnerability in the Upstream kernel encrypted-keys. Product: Android. Versions: Android kernel. Android ID: A-70526974.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13305",
"url": "https://www.suse.com/security/cve/CVE-2017-13305"
},
{
"category": "external",
"summary": "SUSE Bug 1094353 for CVE-2017-13305",
"url": "https://bugzilla.suse.com/1094353"
},
{
"category": "external",
"summary": "SUSE Bug 1105412 for CVE-2017-13305",
"url": "https://bugzilla.suse.com/1105412"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-09-06T13:01:35Z",
"details": "moderate"
}
],
"title": "CVE-2017-13305"
},
{
"cve": "CVE-2018-1000204",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1000204"
}
],
"notes": [
{
"category": "general",
"text": "Linux Kernel version 3.18 to 4.16 incorrectly handles an SG_IO ioctl on /dev/sg0 with dxfer_direction=SG_DXFER_FROM_DEV and an empty 6-byte cmdp. This may lead to copying up to 1000 kernel heap pages to the userspace. This has been fixed upstream in https://github.com/torvalds/linux/commit/a45b599ad808c3c982fdcdc12b0b8611c2f92824 already. The problem has limited scope, as users don\u0027t usually have permissions to access SCSI devices. On the other hand, e.g. the Nero user manual suggests doing `chmod o+r+w /dev/sg*` to make the devices accessible. NOTE: third parties dispute the relevance of this report, noting that the requirement for an attacker to have both the CAP_SYS_ADMIN and CAP_SYS_RAWIO capabilities makes it \"virtually impossible to exploit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1000204",
"url": "https://www.suse.com/security/cve/CVE-2018-1000204"
},
{
"category": "external",
"summary": "SUSE Bug 1096728 for CVE-2018-1000204",
"url": "https://bugzilla.suse.com/1096728"
},
{
"category": "external",
"summary": "SUSE Bug 1105412 for CVE-2018-1000204",
"url": "https://bugzilla.suse.com/1105412"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-09-06T13:01:35Z",
"details": "moderate"
}
],
"title": "CVE-2018-1000204"
},
{
"cve": "CVE-2018-1068",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1068"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux 4.x kernel\u0027s implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1068",
"url": "https://www.suse.com/security/cve/CVE-2018-1068"
},
{
"category": "external",
"summary": "SUSE Bug 1085107 for CVE-2018-1068",
"url": "https://bugzilla.suse.com/1085107"
},
{
"category": "external",
"summary": "SUSE Bug 1085114 for CVE-2018-1068",
"url": "https://bugzilla.suse.com/1085114"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-1068",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1123903 for CVE-2018-1068",
"url": "https://bugzilla.suse.com/1123903"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-09-06T13:01:35Z",
"details": "important"
}
],
"title": "CVE-2018-1068"
},
{
"cve": "CVE-2018-1130",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1130"
}
],
"notes": [
{
"category": "general",
"text": "Linux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in dccp_write_xmit() function in net/dccp/output.c in that allows a local user to cause a denial of service by a number of certain crafted system calls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1130",
"url": "https://www.suse.com/security/cve/CVE-2018-1130"
},
{
"category": "external",
"summary": "SUSE Bug 1092904 for CVE-2018-1130",
"url": "https://bugzilla.suse.com/1092904"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-09-06T13:01:35Z",
"details": "low"
}
],
"title": "CVE-2018-1130"
},
{
"cve": "CVE-2018-12233",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-12233"
}
],
"notes": [
{
"category": "general",
"text": "In the ea_get function in fs/jfs/xattr.c in the Linux kernel through 4.17.1, a memory corruption bug in JFS can be triggered by calling setxattr twice with two different extended attribute names on the same file. This vulnerability can be triggered by an unprivileged user with the ability to create files and execute programs. A kmalloc call is incorrect, leading to slab-out-of-bounds in jfs_xattr.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-12233",
"url": "https://www.suse.com/security/cve/CVE-2018-12233"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-12233",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1097234 for CVE-2018-12233",
"url": "https://bugzilla.suse.com/1097234"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2018-12233",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-09-06T13:01:35Z",
"details": "moderate"
}
],
"title": "CVE-2018-12233"
},
{
"cve": "CVE-2018-13053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-13053"
}
],
"notes": [
{
"category": "general",
"text": "The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative timeout because ktime_add_safe is not used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-13053",
"url": "https://www.suse.com/security/cve/CVE-2018-13053"
},
{
"category": "external",
"summary": "SUSE Bug 1099924 for CVE-2018-13053",
"url": "https://bugzilla.suse.com/1099924"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2018-13053",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-09-06T13:01:35Z",
"details": "low"
}
],
"title": "CVE-2018-13053"
},
{
"cve": "CVE-2018-13406",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-13406"
}
],
"notes": [
{
"category": "general",
"text": "An integer overflow in the uvesafb_setcmap function in drivers/video/fbdev/uvesafb.c in the Linux kernel before 4.17.4 could result in local attackers being able to crash the kernel or potentially elevate privileges because kmalloc_array is not used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-13406",
"url": "https://www.suse.com/security/cve/CVE-2018-13406"
},
{
"category": "external",
"summary": "SUSE Bug 1098016 for CVE-2018-13406",
"url": "https://bugzilla.suse.com/1098016"
},
{
"category": "external",
"summary": "SUSE Bug 1100418 for CVE-2018-13406",
"url": "https://bugzilla.suse.com/1100418"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2018-13406",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-09-06T13:01:35Z",
"details": "moderate"
}
],
"title": "CVE-2018-13406"
},
{
"cve": "CVE-2018-3620",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3620"
}
],
"notes": [
{
"category": "general",
"text": "Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3620",
"url": "https://www.suse.com/security/cve/CVE-2018-3620"
},
{
"category": "external",
"summary": "SUSE Bug 1087078 for CVE-2018-3620",
"url": "https://bugzilla.suse.com/1087078"
},
{
"category": "external",
"summary": "SUSE Bug 1087081 for CVE-2018-3620",
"url": "https://bugzilla.suse.com/1087081"
},
{
"category": "external",
"summary": "SUSE Bug 1089343 for CVE-2018-3620",
"url": "https://bugzilla.suse.com/1089343"
},
{
"category": "external",
"summary": "SUSE Bug 1090340 for CVE-2018-3620",
"url": "https://bugzilla.suse.com/1090340"
},
{
"category": "external",
"summary": "SUSE Bug 1091107 for CVE-2018-3620",
"url": "https://bugzilla.suse.com/1091107"
},
{
"category": "external",
"summary": "SUSE Bug 1099306 for CVE-2018-3620",
"url": "https://bugzilla.suse.com/1099306"
},
{
"category": "external",
"summary": "SUSE Bug 1104894 for CVE-2018-3620",
"url": "https://bugzilla.suse.com/1104894"
},
{
"category": "external",
"summary": "SUSE Bug 1136865 for CVE-2018-3620",
"url": "https://bugzilla.suse.com/1136865"
},
{
"category": "external",
"summary": "SUSE Bug 1201877 for CVE-2018-3620",
"url": "https://bugzilla.suse.com/1201877"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-09-06T13:01:35Z",
"details": "moderate"
}
],
"title": "CVE-2018-3620"
},
{
"cve": "CVE-2018-3646",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3646"
}
],
"notes": [
{
"category": "general",
"text": "Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3646",
"url": "https://www.suse.com/security/cve/CVE-2018-3646"
},
{
"category": "external",
"summary": "SUSE Bug 1087078 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1087078"
},
{
"category": "external",
"summary": "SUSE Bug 1087081 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1087081"
},
{
"category": "external",
"summary": "SUSE Bug 1089343 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1089343"
},
{
"category": "external",
"summary": "SUSE Bug 1091107 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1091107"
},
{
"category": "external",
"summary": "SUSE Bug 1099306 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1099306"
},
{
"category": "external",
"summary": "SUSE Bug 1104365 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1104365"
},
{
"category": "external",
"summary": "SUSE Bug 1104894 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1104894"
},
{
"category": "external",
"summary": "SUSE Bug 1106548 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1106548"
},
{
"category": "external",
"summary": "SUSE Bug 1113534 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1113534"
},
{
"category": "external",
"summary": "SUSE Bug 1136865 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1136865"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1178658"
},
{
"category": "external",
"summary": "SUSE Bug 1201877 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1201877"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-09-06T13:01:35Z",
"details": "important"
}
],
"title": "CVE-2018-3646"
},
{
"cve": "CVE-2018-5803",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-5803"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the \"_sctp_make_chunk()\" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-5803",
"url": "https://www.suse.com/security/cve/CVE-2018-5803"
},
{
"category": "external",
"summary": "SUSE Bug 1083900 for CVE-2018-5803",
"url": "https://bugzilla.suse.com/1083900"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-5803",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2018-5803",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-09-06T13:01:35Z",
"details": "low"
}
],
"title": "CVE-2018-5803"
},
{
"cve": "CVE-2018-5814",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-5814"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux Kernel before version 4.16.11, 4.14.43, 4.9.102, and 4.4.133, multiple race condition errors when handling probe, disconnect, and rebind operations can be exploited to trigger a use-after-free condition or a NULL pointer dereference by sending multiple USB over IP packets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-5814",
"url": "https://www.suse.com/security/cve/CVE-2018-5814"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-5814",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1096480 for CVE-2018-5814",
"url": "https://bugzilla.suse.com/1096480"
},
{
"category": "external",
"summary": "SUSE Bug 1133319 for CVE-2018-5814",
"url": "https://bugzilla.suse.com/1133319"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-09-06T13:01:35Z",
"details": "moderate"
}
],
"title": "CVE-2018-5814"
},
{
"cve": "CVE-2018-7492",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-7492"
}
],
"notes": [
{
"category": "general",
"text": "A NULL pointer dereference was found in the net/rds/rdma.c __rds_rdma_map() function in the Linux kernel before 4.14.7 allowing local attackers to cause a system panic and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-7492",
"url": "https://www.suse.com/security/cve/CVE-2018-7492"
},
{
"category": "external",
"summary": "SUSE Bug 1082962 for CVE-2018-7492",
"url": "https://bugzilla.suse.com/1082962"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.33.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.33.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-09-06T13:01:35Z",
"details": "moderate"
}
],
"title": "CVE-2018-7492"
}
]
}
SUSE-SU-2018:2963-1
Vulnerability from csaf_suse - Published: 2018-10-01 16:05 - Updated: 2018-10-01 16:05Summary
Security update for the Linux Kernel (Live Patch 15 for SLE 12 SP3)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 15 for SLE 12 SP3)
Description of the patch: This update for the Linux Kernel 4.4.140-94_42 fixes several issues.
The following security issues were fixed:
- CVE-2018-5390: Prevent very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming TCP packet which can lead to a denial of service (bsc#1102682).
- CVE-2018-10938: Fixed an infinite loop in the cipso_v4_optptr() function leading to a denial-of-service via crafted network packets (bsc#1106191).
- CVE-2018-10902: It was found that the raw midi kernel driver did not protect against concurrent access which lead to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status(), allowing a malicious local attacker to use this for privilege escalation (bsc#1105323).
- CVE-2018-3646: Fixed unauthorized disclosure of information residing in the L1 data cache on systems with microprocessors utilizing speculative execution and address translations (bsc#1099306).
Patchnames: SUSE-SLE-Live-Patching-12-SP3-2018-2108,SUSE-SLE-Live-Patching-12-SP3-2018-2109
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-3-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-3-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_140-94_42-default-3-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_140-94_42-default-3-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-3-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-3-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_140-94_42-default-3-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_140-94_42-default-3-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.6 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-3-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-3-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_140-94_42-default-3-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_140-94_42-default-3-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-3-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-3-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_140-94_42-default-3-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_140-94_42-default-3-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
39 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 15 for SLE 12 SP3)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 4.4.140-94_42 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2018-5390: Prevent very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming TCP packet which can lead to a denial of service (bsc#1102682).\n- CVE-2018-10938: Fixed an infinite loop in the cipso_v4_optptr() function leading to a denial-of-service via crafted network packets (bsc#1106191).\n- CVE-2018-10902: It was found that the raw midi kernel driver did not protect against concurrent access which lead to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status(), allowing a malicious local attacker to use this for privilege escalation (bsc#1105323).\n- CVE-2018-3646: Fixed unauthorized disclosure of information residing in the L1 data cache on systems with microprocessors utilizing speculative execution and address translations (bsc#1099306).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Live-Patching-12-SP3-2018-2108,SUSE-SLE-Live-Patching-12-SP3-2018-2109",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_2963-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:2963-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182963-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:2963-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182963-1.html"
},
{
"category": "self",
"summary": "SUSE Bug 1099306",
"url": "https://bugzilla.suse.com/1099306"
},
{
"category": "self",
"summary": "SUSE Bug 1102682",
"url": "https://bugzilla.suse.com/1102682"
},
{
"category": "self",
"summary": "SUSE Bug 1103203",
"url": "https://bugzilla.suse.com/1103203"
},
{
"category": "self",
"summary": "SUSE Bug 1105323",
"url": "https://bugzilla.suse.com/1105323"
},
{
"category": "self",
"summary": "SUSE Bug 1106191",
"url": "https://bugzilla.suse.com/1106191"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-10902 page",
"url": "https://www.suse.com/security/cve/CVE-2018-10902/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-10938 page",
"url": "https://www.suse.com/security/cve/CVE-2018-10938/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3646 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3646/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-5390 page",
"url": "https://www.suse.com/security/cve/CVE-2018-5390/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 15 for SLE 12 SP3)",
"tracking": {
"current_release_date": "2018-10-01T16:05:21Z",
"generator": {
"date": "2018-10-01T16:05:21Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:2963-1",
"initial_release_date": "2018-10-01T16:05:21Z",
"revision_history": [
{
"date": "2018-10-01T16:05:21Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_4_138-94_39-default-3-2.1.ppc64le",
"product": {
"name": "kgraft-patch-4_4_138-94_39-default-3-2.1.ppc64le",
"product_id": "kgraft-patch-4_4_138-94_39-default-3-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_4_140-94_42-default-3-2.1.ppc64le",
"product": {
"name": "kgraft-patch-4_4_140-94_42-default-3-2.1.ppc64le",
"product_id": "kgraft-patch-4_4_140-94_42-default-3-2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_4_138-94_39-default-3-2.1.x86_64",
"product": {
"name": "kgraft-patch-4_4_138-94_39-default-3-2.1.x86_64",
"product_id": "kgraft-patch-4_4_138-94_39-default-3-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_4_140-94_42-default-3-2.1.x86_64",
"product": {
"name": "kgraft-patch-4_4_140-94_42-default-3-2.1.x86_64",
"product_id": "kgraft-patch-4_4_140-94_42-default-3-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_138-94_39-default-3-2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-3-2.1.ppc64le"
},
"product_reference": "kgraft-patch-4_4_138-94_39-default-3-2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_138-94_39-default-3-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-3-2.1.x86_64"
},
"product_reference": "kgraft-patch-4_4_138-94_39-default-3-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_140-94_42-default-3-2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_140-94_42-default-3-2.1.ppc64le"
},
"product_reference": "kgraft-patch-4_4_140-94_42-default-3-2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_140-94_42-default-3-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_140-94_42-default-3-2.1.x86_64"
},
"product_reference": "kgraft-patch-4_4_140-94_42-default-3-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_138-94_39-default-3-2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-3-2.1.ppc64le"
},
"product_reference": "kgraft-patch-4_4_138-94_39-default-3-2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_138-94_39-default-3-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-3-2.1.x86_64"
},
"product_reference": "kgraft-patch-4_4_138-94_39-default-3-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_140-94_42-default-3-2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_140-94_42-default-3-2.1.ppc64le"
},
"product_reference": "kgraft-patch-4_4_140-94_42-default-3-2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_140-94_42-default-3-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_140-94_42-default-3-2.1.x86_64"
},
"product_reference": "kgraft-patch-4_4_140-94_42-default-3-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-10902",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-10902"
}
],
"notes": [
{
"category": "general",
"text": "It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local attacker could possibly use this for privilege escalation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_140-94_42-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_140-94_42-default-3-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-10902",
"url": "https://www.suse.com/security/cve/CVE-2018-10902"
},
{
"category": "external",
"summary": "SUSE Bug 1105322 for CVE-2018-10902",
"url": "https://bugzilla.suse.com/1105322"
},
{
"category": "external",
"summary": "SUSE Bug 1105323 for CVE-2018-10902",
"url": "https://bugzilla.suse.com/1105323"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_140-94_42-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_140-94_42-default-3-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_140-94_42-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_140-94_42-default-3-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-01T16:05:21Z",
"details": "low"
}
],
"title": "CVE-2018-10902"
},
{
"cve": "CVE-2018-10938",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-10938"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipso_v4_optptr() function in net/ipv4/cipso_ipv4.c leading to a denial-of-service. A certain non-default configuration of LSM (Linux Security Module) and NetLabel should be set up on a system before an attacker could leverage this flaw.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_140-94_42-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_140-94_42-default-3-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-10938",
"url": "https://www.suse.com/security/cve/CVE-2018-10938"
},
{
"category": "external",
"summary": "SUSE Bug 1106016 for CVE-2018-10938",
"url": "https://bugzilla.suse.com/1106016"
},
{
"category": "external",
"summary": "SUSE Bug 1106191 for CVE-2018-10938",
"url": "https://bugzilla.suse.com/1106191"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_140-94_42-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_140-94_42-default-3-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_140-94_42-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_140-94_42-default-3-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-01T16:05:21Z",
"details": "moderate"
}
],
"title": "CVE-2018-10938"
},
{
"cve": "CVE-2018-3646",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3646"
}
],
"notes": [
{
"category": "general",
"text": "Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_140-94_42-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_140-94_42-default-3-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3646",
"url": "https://www.suse.com/security/cve/CVE-2018-3646"
},
{
"category": "external",
"summary": "SUSE Bug 1087078 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1087078"
},
{
"category": "external",
"summary": "SUSE Bug 1087081 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1087081"
},
{
"category": "external",
"summary": "SUSE Bug 1089343 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1089343"
},
{
"category": "external",
"summary": "SUSE Bug 1091107 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1091107"
},
{
"category": "external",
"summary": "SUSE Bug 1099306 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1099306"
},
{
"category": "external",
"summary": "SUSE Bug 1104365 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1104365"
},
{
"category": "external",
"summary": "SUSE Bug 1104894 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1104894"
},
{
"category": "external",
"summary": "SUSE Bug 1106548 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1106548"
},
{
"category": "external",
"summary": "SUSE Bug 1113534 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1113534"
},
{
"category": "external",
"summary": "SUSE Bug 1136865 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1136865"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1178658"
},
{
"category": "external",
"summary": "SUSE Bug 1201877 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1201877"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_140-94_42-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_140-94_42-default-3-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_140-94_42-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_140-94_42-default-3-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-01T16:05:21Z",
"details": "important"
}
],
"title": "CVE-2018-3646"
},
{
"cve": "CVE-2018-5390",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-5390"
}
],
"notes": [
{
"category": "general",
"text": "Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_140-94_42-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_140-94_42-default-3-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-5390",
"url": "https://www.suse.com/security/cve/CVE-2018-5390"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-5390",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1102340 for CVE-2018-5390",
"url": "https://bugzilla.suse.com/1102340"
},
{
"category": "external",
"summary": "SUSE Bug 1102682 for CVE-2018-5390",
"url": "https://bugzilla.suse.com/1102682"
},
{
"category": "external",
"summary": "SUSE Bug 1103097 for CVE-2018-5390",
"url": "https://bugzilla.suse.com/1103097"
},
{
"category": "external",
"summary": "SUSE Bug 1103098 for CVE-2018-5390",
"url": "https://bugzilla.suse.com/1103098"
},
{
"category": "external",
"summary": "SUSE Bug 1156434 for CVE-2018-5390",
"url": "https://bugzilla.suse.com/1156434"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_140-94_42-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_140-94_42-default-3-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_140-94_42-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_140-94_42-default-3-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-01T16:05:21Z",
"details": "moderate"
}
],
"title": "CVE-2018-5390"
}
]
}
SUSE-SU-2018:3490-1
Vulnerability from csaf_suse - Published: 2018-10-26 11:09 - Updated: 2018-10-26 11:09Summary
Security update for xen
Severity
Important
Notes
Title of the patch: Security update for xen
Description of the patch: This update for xen fixes the following issues:
XEN was updated to the Xen 4.9.3 bug fix only release (bsc#1027519)
- CVE-2018-17963: qemu_deliver_packet_iov accepted packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact. (bsc#1111014)
- CVE-2018-15470: oxenstored might not have enforced the configured quota-maxentity. This allowed a malicious or buggy guest to write as many xenstore entries as it wishes, causing unbounded memory usage in oxenstored. This can lead to a system-wide DoS. (XSA-272) (bsc#1103279)
- CVE-2018-15469: ARM never properly implemented grant table v2, either in the hypervisor or in Linux. Unfortunately, an ARM guest can still request v2 grant tables; they will simply not be properly set up, resulting in subsequent grant-related hypercalls hitting BUG() checks. An unprivileged guest can cause a BUG() check in the hypervisor, resulting in a denial-of-service (crash). (XSA-268) (bsc#1103275)
Note that SUSE does not ship ARM Xen, so we are not affected.
- CVE-2018-15468: The DEBUGCTL MSR contains several debugging features, some of which virtualise cleanly, but some do not. In particular, Branch Trace Store is not virtualised by the processor, and software has to be careful to configure it suitably not to lock up the core. As a result, it must only be available to fully trusted guests. Unfortunately, in the case that vPMU is disabled, all value checking was skipped, allowing the guest to choose any MSR_DEBUGCTL setting it likes. A malicious or buggy guest administrator (on Intel x86 HVM or PVH) can lock up the entire host, causing a Denial of Service. (XSA-269) (bsc#1103276)
- CVE-2018-3646: Systems with microprocessors utilizing speculative execution and address translations may have allowed unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis. (XSA-273) (bsc#1091107)
Non security issues fixed:
- The affinity reporting via 'xl vcpu-list' was broken (bsc#1106263)
- Kernel oops in fs/dcache.c called by d_materialise_unique() (bsc#1094508)
Patchnames: SUSE-SLE-DESKTOP-12-SP3-2018-2492,SUSE-SLE-SDK-12-SP3-2018-2492,SUSE-SLE-SERVER-12-SP3-2018-2492
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.5 (Medium)
Affected products
Recommended
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:xen-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:xen-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:xen-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:xen-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.6 (Medium)
Affected products
Recommended
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:xen-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
41 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for xen",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for xen fixes the following issues:\n\nXEN was updated to the Xen 4.9.3 bug fix only release (bsc#1027519)\n\n- CVE-2018-17963: qemu_deliver_packet_iov accepted packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact. (bsc#1111014)\n- CVE-2018-15470: oxenstored might not have enforced the configured quota-maxentity. This allowed a malicious or buggy guest to write as many xenstore entries as it wishes, causing unbounded memory usage in oxenstored. This can lead to a system-wide DoS. (XSA-272) (bsc#1103279)\n- CVE-2018-15469: ARM never properly implemented grant table v2, either in the hypervisor or in Linux. Unfortunately, an ARM guest can still request v2 grant tables; they will simply not be properly set up, resulting in subsequent grant-related hypercalls hitting BUG() checks. An unprivileged guest can cause a BUG() check in the hypervisor, resulting in a denial-of-service (crash). (XSA-268) (bsc#1103275)\n Note that SUSE does not ship ARM Xen, so we are not affected.\n- CVE-2018-15468: The DEBUGCTL MSR contains several debugging features, some of which virtualise cleanly, but some do not. In particular, Branch Trace Store is not virtualised by the processor, and software has to be careful to configure it suitably not to lock up the core. As a result, it must only be available to fully trusted guests. Unfortunately, in the case that vPMU is disabled, all value checking was skipped, allowing the guest to choose any MSR_DEBUGCTL setting it likes. A malicious or buggy guest administrator (on Intel x86 HVM or PVH) can lock up the entire host, causing a Denial of Service. (XSA-269) (bsc#1103276)\n- CVE-2018-3646: Systems with microprocessors utilizing speculative execution and address translations may have allowed unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis. (XSA-273) (bsc#1091107)\n\nNon security issues fixed:\n\n- The affinity reporting via \u0027xl vcpu-list\u0027 was broken (bsc#1106263)\n- Kernel oops in fs/dcache.c called by d_materialise_unique() (bsc#1094508)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-DESKTOP-12-SP3-2018-2492,SUSE-SLE-SDK-12-SP3-2018-2492,SUSE-SLE-SERVER-12-SP3-2018-2492",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_3490-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:3490-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20183490-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:3490-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-October/004800.html"
},
{
"category": "self",
"summary": "SUSE Bug 1027519",
"url": "https://bugzilla.suse.com/1027519"
},
{
"category": "self",
"summary": "SUSE Bug 1078292",
"url": "https://bugzilla.suse.com/1078292"
},
{
"category": "self",
"summary": "SUSE Bug 1091107",
"url": "https://bugzilla.suse.com/1091107"
},
{
"category": "self",
"summary": "SUSE Bug 1094508",
"url": "https://bugzilla.suse.com/1094508"
},
{
"category": "self",
"summary": "SUSE Bug 1103275",
"url": "https://bugzilla.suse.com/1103275"
},
{
"category": "self",
"summary": "SUSE Bug 1103276",
"url": "https://bugzilla.suse.com/1103276"
},
{
"category": "self",
"summary": "SUSE Bug 1103279",
"url": "https://bugzilla.suse.com/1103279"
},
{
"category": "self",
"summary": "SUSE Bug 1106263",
"url": "https://bugzilla.suse.com/1106263"
},
{
"category": "self",
"summary": "SUSE Bug 1111014",
"url": "https://bugzilla.suse.com/1111014"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-15468 page",
"url": "https://www.suse.com/security/cve/CVE-2018-15468/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-15469 page",
"url": "https://www.suse.com/security/cve/CVE-2018-15469/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-15470 page",
"url": "https://www.suse.com/security/cve/CVE-2018-15470/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-17963 page",
"url": "https://www.suse.com/security/cve/CVE-2018-17963/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3646 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3646/"
}
],
"title": "Security update for xen",
"tracking": {
"current_release_date": "2018-10-26T11:09:27Z",
"generator": {
"date": "2018-10-26T11:09:27Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:3490-1",
"initial_release_date": "2018-10-26T11:09:27Z",
"revision_history": [
{
"date": "2018-10-26T11:09:27Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "xen-devel-4.9.3_03-3.44.2.aarch64",
"product": {
"name": "xen-devel-4.9.3_03-3.44.2.aarch64",
"product_id": "xen-devel-4.9.3_03-3.44.2.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "xen-4.9.3_03-3.44.2.x86_64",
"product": {
"name": "xen-4.9.3_03-3.44.2.x86_64",
"product_id": "xen-4.9.3_03-3.44.2.x86_64"
}
},
{
"category": "product_version",
"name": "xen-libs-4.9.3_03-3.44.2.x86_64",
"product": {
"name": "xen-libs-4.9.3_03-3.44.2.x86_64",
"product_id": "xen-libs-4.9.3_03-3.44.2.x86_64"
}
},
{
"category": "product_version",
"name": "xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
"product": {
"name": "xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
"product_id": "xen-libs-32bit-4.9.3_03-3.44.2.x86_64"
}
},
{
"category": "product_version",
"name": "xen-devel-4.9.3_03-3.44.2.x86_64",
"product": {
"name": "xen-devel-4.9.3_03-3.44.2.x86_64",
"product_id": "xen-devel-4.9.3_03-3.44.2.x86_64"
}
},
{
"category": "product_version",
"name": "xen-doc-html-4.9.3_03-3.44.2.x86_64",
"product": {
"name": "xen-doc-html-4.9.3_03-3.44.2.x86_64",
"product_id": "xen-doc-html-4.9.3_03-3.44.2.x86_64"
}
},
{
"category": "product_version",
"name": "xen-tools-4.9.3_03-3.44.2.x86_64",
"product": {
"name": "xen-tools-4.9.3_03-3.44.2.x86_64",
"product_id": "xen-tools-4.9.3_03-3.44.2.x86_64"
}
},
{
"category": "product_version",
"name": "xen-tools-domU-4.9.3_03-3.44.2.x86_64",
"product": {
"name": "xen-tools-domU-4.9.3_03-3.44.2.x86_64",
"product_id": "xen-tools-domU-4.9.3_03-3.44.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sled:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-sdk:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-4.9.3_03-3.44.2.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.3_03-3.44.2.x86_64"
},
"product_reference": "xen-4.9.3_03-3.44.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-libs-4.9.3_03-3.44.2.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64"
},
"product_reference": "xen-libs-4.9.3_03-3.44.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-libs-32bit-4.9.3_03-3.44.2.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64"
},
"product_reference": "xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-devel-4.9.3_03-3.44.2.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.aarch64"
},
"product_reference": "xen-devel-4.9.3_03-3.44.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-devel-4.9.3_03-3.44.2.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.x86_64"
},
"product_reference": "xen-devel-4.9.3_03-3.44.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-4.9.3_03-3.44.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:xen-4.9.3_03-3.44.2.x86_64"
},
"product_reference": "xen-4.9.3_03-3.44.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-doc-html-4.9.3_03-3.44.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64"
},
"product_reference": "xen-doc-html-4.9.3_03-3.44.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-libs-4.9.3_03-3.44.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64"
},
"product_reference": "xen-libs-4.9.3_03-3.44.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-libs-32bit-4.9.3_03-3.44.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64"
},
"product_reference": "xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-tools-4.9.3_03-3.44.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64"
},
"product_reference": "xen-tools-4.9.3_03-3.44.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-tools-domU-4.9.3_03-3.44.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64"
},
"product_reference": "xen-tools-domU-4.9.3_03-3.44.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-4.9.3_03-3.44.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.3_03-3.44.2.x86_64"
},
"product_reference": "xen-4.9.3_03-3.44.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-doc-html-4.9.3_03-3.44.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64"
},
"product_reference": "xen-doc-html-4.9.3_03-3.44.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-libs-4.9.3_03-3.44.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64"
},
"product_reference": "xen-libs-4.9.3_03-3.44.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-libs-32bit-4.9.3_03-3.44.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64"
},
"product_reference": "xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-tools-4.9.3_03-3.44.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64"
},
"product_reference": "xen-tools-4.9.3_03-3.44.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-tools-domU-4.9.3_03-3.44.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64"
},
"product_reference": "xen-tools-domU-4.9.3_03-3.44.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-15468",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-15468"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Xen through 4.11.x. The DEBUGCTL MSR contains several debugging features, some of which virtualise cleanly, but some do not. In particular, Branch Trace Store is not virtualised by the processor, and software has to be careful to configure it suitably not to lock up the core. As a result, it must only be available to fully trusted guests. Unfortunately, in the case that vPMU is disabled, all value checking was skipped, allowing the guest to choose any MSR_DEBUGCTL setting it likes. A malicious or buggy guest administrator (on Intel x86 HVM or PVH) can lock up the entire host, causing a Denial of Service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-15468",
"url": "https://www.suse.com/security/cve/CVE-2018-15468"
},
{
"category": "external",
"summary": "SUSE Bug 1103276 for CVE-2018-15468",
"url": "https://bugzilla.suse.com/1103276"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-26T11:09:27Z",
"details": "moderate"
}
],
"title": "CVE-2018-15468"
},
{
"cve": "CVE-2018-15469",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-15469"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Xen through 4.11.x. ARM never properly implemented grant table v2, either in the hypervisor or in Linux. Unfortunately, an ARM guest can still request v2 grant tables; they will simply not be properly set up, resulting in subsequent grant-related hypercalls hitting BUG() checks. An unprivileged guest can cause a BUG() check in the hypervisor, resulting in a denial-of-service (crash).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-15469",
"url": "https://www.suse.com/security/cve/CVE-2018-15469"
},
{
"category": "external",
"summary": "SUSE Bug 1103275 for CVE-2018-15469",
"url": "https://bugzilla.suse.com/1103275"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-26T11:09:27Z",
"details": "moderate"
}
],
"title": "CVE-2018-15469"
},
{
"cve": "CVE-2018-15470",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-15470"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Xen through 4.11.x. The logic in oxenstored for handling writes depended on the order of evaluation of expressions making up a tuple. As indicated in section 7.7.3 \"Operations on data structures\" of the OCaml manual, the order of evaluation of subexpressions is not specified. In practice, different implementations behave differently. Thus, oxenstored may not enforce the configured quota-maxentity. This allows a malicious or buggy guest to write as many xenstore entries as it wishes, causing unbounded memory usage in oxenstored. This can lead to a system-wide DoS.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-15470",
"url": "https://www.suse.com/security/cve/CVE-2018-15470"
},
{
"category": "external",
"summary": "SUSE Bug 1103279 for CVE-2018-15470",
"url": "https://bugzilla.suse.com/1103279"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-26T11:09:27Z",
"details": "moderate"
}
],
"title": "CVE-2018-15470"
},
{
"cve": "CVE-2018-17963",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-17963"
}
],
"notes": [
{
"category": "general",
"text": "qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-17963",
"url": "https://www.suse.com/security/cve/CVE-2018-17963"
},
{
"category": "external",
"summary": "SUSE Bug 1111013 for CVE-2018-17963",
"url": "https://bugzilla.suse.com/1111013"
},
{
"category": "external",
"summary": "SUSE Bug 1111014 for CVE-2018-17963",
"url": "https://bugzilla.suse.com/1111014"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2018-17963",
"url": "https://bugzilla.suse.com/1178658"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-26T11:09:27Z",
"details": "moderate"
}
],
"title": "CVE-2018-17963"
},
{
"cve": "CVE-2018-3646",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3646"
}
],
"notes": [
{
"category": "general",
"text": "Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3646",
"url": "https://www.suse.com/security/cve/CVE-2018-3646"
},
{
"category": "external",
"summary": "SUSE Bug 1087078 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1087078"
},
{
"category": "external",
"summary": "SUSE Bug 1087081 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1087081"
},
{
"category": "external",
"summary": "SUSE Bug 1089343 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1089343"
},
{
"category": "external",
"summary": "SUSE Bug 1091107 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1091107"
},
{
"category": "external",
"summary": "SUSE Bug 1099306 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1099306"
},
{
"category": "external",
"summary": "SUSE Bug 1104365 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1104365"
},
{
"category": "external",
"summary": "SUSE Bug 1104894 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1104894"
},
{
"category": "external",
"summary": "SUSE Bug 1106548 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1106548"
},
{
"category": "external",
"summary": "SUSE Bug 1113534 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1113534"
},
{
"category": "external",
"summary": "SUSE Bug 1136865 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1136865"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1178658"
},
{
"category": "external",
"summary": "SUSE Bug 1201877 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1201877"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.3_03-3.44.2.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:xen-devel-4.9.3_03-3.44.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-26T11:09:27Z",
"details": "important"
}
],
"title": "CVE-2018-3646"
}
]
}
SUSE-SU-2018:4300-1
Vulnerability from csaf_suse - Published: 2018-12-28 17:38 - Updated: 2018-12-28 17:38Summary
Security update for xen
Severity
Important
Notes
Title of the patch: Security update for xen
Description of the patch: This update for xen fixes the following issues:
Update to Xen 4.10.2 bug fix release (bsc#1027519).
Security vulnerabilities fixed:
- CVE-2018-19961, CVE-2018-19962: Fixed an issue related to insufficient TLB
flushing with AMD IOMMUs, which potentially allowed a guest to escalate its
privileges, may cause a Denial of Service (DoS) affecting the entire host, or
may be able to access data it is not supposed to access. (XSA-275)
(bsc#1115040)
- CVE-2018-19965: Fixed an issue related to the INVPCID instruction in case
non-canonical addresses are accessed, which may allow a guest to cause Xen to
crash, resulting in a Denial of Service (DoS) affecting the entire host.
(XSA-279) (bsc#1115045)
- CVE-2018-19966: Fixed an issue related to a previous fix for XSA-240, which
conflicted with shadow paging and allowed a guest to cause Xen to crash,
resulting in a Denial of Service (DoS). (XSA-280) (bsc#1115047)
- CVE-2018-18883: Fixed an issue related to inproper restriction of nested VT-x,
which allowed a guest to cause Xen to crash, resulting in a Denial of Service
(DoS). (XSA-278) (bsc#1114405)
- CVE-2018-15468: Fixed incorrect MSR_DEBUGCTL handling, which allowed guests to
enable Branch Trace Store and may cause a Denial of Service (DoS) of the
entire host. (XSA-269) (bsc#1103276)
- CVE-2018-15469: Fixed use of v2 grant tables on ARM, which were not properly
implemented and may cause a Denial of Service (DoS). (XSA-268) (bsc#1103275)
- CVE-2018-15470: Fixed an issue in the logic in oxenstored for handling writes,
which allowed a guest to write memory unbounded leading to system-wide Denial
of Service (DoS). (XSA-272) (bsc#1103279)
- CVE-2018-3646: Mitigations for VMM aspects of L1 Terminal Fault (XSA-273)
(bsc#1091107)
Other bugs fixed:
- Fixed an issue related to a domU hang on SLE12-SP3 HV (bsc#1108940)
- Fixed an issue with xpti=no-dom0 not working as expected (bsc#1105528)
- Fixed a kernel oops related to fs/dcache.c called by d_materialise_unique() (bsc#1094508)
Patchnames: SUSE-SLE-Module-Basesystem-15-2018-3063,SUSE-SLE-Module-Server-Applications-15-2018-3063
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.5 (Medium)
Affected products
Recommended
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:xen-libs-4.10.2_04-3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:xen-tools-domU-4.10.2_04-3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:xen-4.10.2_04-3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:xen-devel-4.10.2_04-3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:xen-tools-4.10.2_04-3.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:xen-libs-4.10.2_04-3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:xen-tools-domU-4.10.2_04-3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:xen-4.10.2_04-3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:xen-devel-4.10.2_04-3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:xen-tools-4.10.2_04-3.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:xen-libs-4.10.2_04-3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:xen-tools-domU-4.10.2_04-3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:xen-4.10.2_04-3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:xen-devel-4.10.2_04-3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:xen-tools-4.10.2_04-3.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.8 (Medium)
Affected products
Recommended
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:xen-libs-4.10.2_04-3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:xen-tools-domU-4.10.2_04-3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:xen-4.10.2_04-3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:xen-devel-4.10.2_04-3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:xen-tools-4.10.2_04-3.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:xen-libs-4.10.2_04-3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:xen-tools-domU-4.10.2_04-3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:xen-4.10.2_04-3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:xen-devel-4.10.2_04-3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:xen-tools-4.10.2_04-3.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:xen-libs-4.10.2_04-3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:xen-tools-domU-4.10.2_04-3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:xen-4.10.2_04-3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:xen-devel-4.10.2_04-3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:xen-tools-4.10.2_04-3.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.6 (Medium)
Affected products
Recommended
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:xen-libs-4.10.2_04-3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:xen-tools-domU-4.10.2_04-3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:xen-4.10.2_04-3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:xen-devel-4.10.2_04-3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:xen-tools-4.10.2_04-3.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:xen-libs-4.10.2_04-3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:xen-tools-domU-4.10.2_04-3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:xen-4.10.2_04-3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:xen-devel-4.10.2_04-3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:xen-tools-4.10.2_04-3.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.6 (Medium)
Affected products
Recommended
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:xen-libs-4.10.2_04-3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15:xen-tools-domU-4.10.2_04-3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:xen-4.10.2_04-3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:xen-devel-4.10.2_04-3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15:xen-tools-4.10.2_04-3.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
58 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for xen",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for xen fixes the following issues:\n\nUpdate to Xen 4.10.2 bug fix release (bsc#1027519).\n\nSecurity vulnerabilities fixed:\n\n- CVE-2018-19961, CVE-2018-19962: Fixed an issue related to insufficient TLB\n flushing with AMD IOMMUs, which potentially allowed a guest to escalate its\n privileges, may cause a Denial of Service (DoS) affecting the entire host, or\n may be able to access data it is not supposed to access. (XSA-275)\n (bsc#1115040)\n- CVE-2018-19965: Fixed an issue related to the INVPCID instruction in case\n non-canonical addresses are accessed, which may allow a guest to cause Xen to\n crash, resulting in a Denial of Service (DoS) affecting the entire host.\n (XSA-279) (bsc#1115045)\n- CVE-2018-19966: Fixed an issue related to a previous fix for XSA-240, which\n conflicted with shadow paging and allowed a guest to cause Xen to crash,\n resulting in a Denial of Service (DoS). (XSA-280) (bsc#1115047)\n- CVE-2018-18883: Fixed an issue related to inproper restriction of nested VT-x,\n which allowed a guest to cause Xen to crash, resulting in a Denial of Service\n (DoS). (XSA-278) (bsc#1114405)\n- CVE-2018-15468: Fixed incorrect MSR_DEBUGCTL handling, which allowed guests to\n enable Branch Trace Store and may cause a Denial of Service (DoS) of the\n entire host. (XSA-269) (bsc#1103276)\n- CVE-2018-15469: Fixed use of v2 grant tables on ARM, which were not properly\n implemented and may cause a Denial of Service (DoS). (XSA-268) (bsc#1103275)\n- CVE-2018-15470: Fixed an issue in the logic in oxenstored for handling writes,\n which allowed a guest to write memory unbounded leading to system-wide Denial\n of Service (DoS). (XSA-272) (bsc#1103279)\n- CVE-2018-3646: Mitigations for VMM aspects of L1 Terminal Fault (XSA-273)\n (bsc#1091107)\n\nOther bugs fixed:\n\n- Fixed an issue related to a domU hang on SLE12-SP3 HV (bsc#1108940)\n- Fixed an issue with xpti=no-dom0 not working as expected (bsc#1105528)\n- Fixed a kernel oops related to fs/dcache.c called by d_materialise_unique() (bsc#1094508)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Module-Basesystem-15-2018-3063,SUSE-SLE-Module-Server-Applications-15-2018-3063",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_4300-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:4300-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20184300-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:4300-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-December/005008.html"
},
{
"category": "self",
"summary": "SUSE Bug 1027519",
"url": "https://bugzilla.suse.com/1027519"
},
{
"category": "self",
"summary": "SUSE Bug 1078292",
"url": "https://bugzilla.suse.com/1078292"
},
{
"category": "self",
"summary": "SUSE Bug 1091107",
"url": "https://bugzilla.suse.com/1091107"
},
{
"category": "self",
"summary": "SUSE Bug 1094508",
"url": "https://bugzilla.suse.com/1094508"
},
{
"category": "self",
"summary": "SUSE Bug 1103275",
"url": "https://bugzilla.suse.com/1103275"
},
{
"category": "self",
"summary": "SUSE Bug 1103276",
"url": "https://bugzilla.suse.com/1103276"
},
{
"category": "self",
"summary": "SUSE Bug 1103279",
"url": "https://bugzilla.suse.com/1103279"
},
{
"category": "self",
"summary": "SUSE Bug 1105528",
"url": "https://bugzilla.suse.com/1105528"
},
{
"category": "self",
"summary": "SUSE Bug 1108940",
"url": "https://bugzilla.suse.com/1108940"
},
{
"category": "self",
"summary": "SUSE Bug 1114405",
"url": "https://bugzilla.suse.com/1114405"
},
{
"category": "self",
"summary": "SUSE Bug 1115040",
"url": "https://bugzilla.suse.com/1115040"
},
{
"category": "self",
"summary": "SUSE Bug 1115045",
"url": "https://bugzilla.suse.com/1115045"
},
{
"category": "self",
"summary": "SUSE Bug 1115047",
"url": "https://bugzilla.suse.com/1115047"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-15468 page",
"url": "https://www.suse.com/security/cve/CVE-2018-15468/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-15469 page",
"url": "https://www.suse.com/security/cve/CVE-2018-15469/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-15470 page",
"url": "https://www.suse.com/security/cve/CVE-2018-15470/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-18883 page",
"url": "https://www.suse.com/security/cve/CVE-2018-18883/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19961 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19961/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19962 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19962/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19965 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19965/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19966 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19966/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3646 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3646/"
}
],
"title": "Security update for xen",
"tracking": {
"current_release_date": "2018-12-28T17:38:50Z",
"generator": {
"date": "2018-12-28T17:38:50Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:4300-1",
"initial_release_date": "2018-12-28T17:38:50Z",
"revision_history": [
{
"date": "2018-12-28T17:38:50Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "xen-libs-4.10.2_04-3.9.1.x86_64",
"product": {
"name": "xen-libs-4.10.2_04-3.9.1.x86_64",
"product_id": "xen-libs-4.10.2_04-3.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "xen-tools-domU-4.10.2_04-3.9.1.x86_64",
"product": {
"name": "xen-tools-domU-4.10.2_04-3.9.1.x86_64",
"product_id": "xen-tools-domU-4.10.2_04-3.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "xen-4.10.2_04-3.9.1.x86_64",
"product": {
"name": "xen-4.10.2_04-3.9.1.x86_64",
"product_id": "xen-4.10.2_04-3.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "xen-devel-4.10.2_04-3.9.1.x86_64",
"product": {
"name": "xen-devel-4.10.2_04-3.9.1.x86_64",
"product_id": "xen-devel-4.10.2_04-3.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "xen-tools-4.10.2_04-3.9.1.x86_64",
"product": {
"name": "xen-tools-4.10.2_04-3.9.1.x86_64",
"product_id": "xen-tools-4.10.2_04-3.9.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Server Applications 15",
"product": {
"name": "SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-server-applications:15"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-libs-4.10.2_04-3.9.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:xen-libs-4.10.2_04-3.9.1.x86_64"
},
"product_reference": "xen-libs-4.10.2_04-3.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-tools-domU-4.10.2_04-3.9.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:xen-tools-domU-4.10.2_04-3.9.1.x86_64"
},
"product_reference": "xen-tools-domU-4.10.2_04-3.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-4.10.2_04-3.9.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:xen-4.10.2_04-3.9.1.x86_64"
},
"product_reference": "xen-4.10.2_04-3.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-devel-4.10.2_04-3.9.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:xen-devel-4.10.2_04-3.9.1.x86_64"
},
"product_reference": "xen-devel-4.10.2_04-3.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-tools-4.10.2_04-3.9.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15:xen-tools-4.10.2_04-3.9.1.x86_64"
},
"product_reference": "xen-tools-4.10.2_04-3.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-15468",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-15468"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Xen through 4.11.x. The DEBUGCTL MSR contains several debugging features, some of which virtualise cleanly, but some do not. In particular, Branch Trace Store is not virtualised by the processor, and software has to be careful to configure it suitably not to lock up the core. As a result, it must only be available to fully trusted guests. Unfortunately, in the case that vPMU is disabled, all value checking was skipped, allowing the guest to choose any MSR_DEBUGCTL setting it likes. A malicious or buggy guest administrator (on Intel x86 HVM or PVH) can lock up the entire host, causing a Denial of Service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15:xen-libs-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:xen-tools-domU-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-devel-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-tools-4.10.2_04-3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-15468",
"url": "https://www.suse.com/security/cve/CVE-2018-15468"
},
{
"category": "external",
"summary": "SUSE Bug 1103276 for CVE-2018-15468",
"url": "https://bugzilla.suse.com/1103276"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15:xen-libs-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:xen-tools-domU-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-devel-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-tools-4.10.2_04-3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15:xen-libs-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:xen-tools-domU-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-devel-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-tools-4.10.2_04-3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-12-28T17:38:50Z",
"details": "moderate"
}
],
"title": "CVE-2018-15468"
},
{
"cve": "CVE-2018-15469",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-15469"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Xen through 4.11.x. ARM never properly implemented grant table v2, either in the hypervisor or in Linux. Unfortunately, an ARM guest can still request v2 grant tables; they will simply not be properly set up, resulting in subsequent grant-related hypercalls hitting BUG() checks. An unprivileged guest can cause a BUG() check in the hypervisor, resulting in a denial-of-service (crash).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15:xen-libs-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:xen-tools-domU-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-devel-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-tools-4.10.2_04-3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-15469",
"url": "https://www.suse.com/security/cve/CVE-2018-15469"
},
{
"category": "external",
"summary": "SUSE Bug 1103275 for CVE-2018-15469",
"url": "https://bugzilla.suse.com/1103275"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15:xen-libs-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:xen-tools-domU-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-devel-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-tools-4.10.2_04-3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15:xen-libs-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:xen-tools-domU-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-devel-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-tools-4.10.2_04-3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-12-28T17:38:50Z",
"details": "moderate"
}
],
"title": "CVE-2018-15469"
},
{
"cve": "CVE-2018-15470",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-15470"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Xen through 4.11.x. The logic in oxenstored for handling writes depended on the order of evaluation of expressions making up a tuple. As indicated in section 7.7.3 \"Operations on data structures\" of the OCaml manual, the order of evaluation of subexpressions is not specified. In practice, different implementations behave differently. Thus, oxenstored may not enforce the configured quota-maxentity. This allows a malicious or buggy guest to write as many xenstore entries as it wishes, causing unbounded memory usage in oxenstored. This can lead to a system-wide DoS.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15:xen-libs-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:xen-tools-domU-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-devel-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-tools-4.10.2_04-3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-15470",
"url": "https://www.suse.com/security/cve/CVE-2018-15470"
},
{
"category": "external",
"summary": "SUSE Bug 1103279 for CVE-2018-15470",
"url": "https://bugzilla.suse.com/1103279"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15:xen-libs-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:xen-tools-domU-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-devel-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-tools-4.10.2_04-3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15:xen-libs-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:xen-tools-domU-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-devel-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-tools-4.10.2_04-3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-12-28T17:38:50Z",
"details": "moderate"
}
],
"title": "CVE-2018-15470"
},
{
"cve": "CVE-2018-18883",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-18883"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Xen 4.9.x through 4.11.x, on Intel x86 platforms, allowing x86 HVM and PVH guests to cause a host OS denial of service (NULL pointer dereference) or possibly have unspecified other impact because nested VT-x is not properly restricted.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15:xen-libs-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:xen-tools-domU-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-devel-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-tools-4.10.2_04-3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-18883",
"url": "https://www.suse.com/security/cve/CVE-2018-18883"
},
{
"category": "external",
"summary": "SUSE Bug 1114405 for CVE-2018-18883",
"url": "https://bugzilla.suse.com/1114405"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15:xen-libs-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:xen-tools-domU-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-devel-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-tools-4.10.2_04-3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15:xen-libs-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:xen-tools-domU-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-devel-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-tools-4.10.2_04-3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-12-28T17:38:50Z",
"details": "moderate"
}
],
"title": "CVE-2018-18883"
},
{
"cve": "CVE-2018-19961",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19961"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because TLB flushes do not always occur after IOMMU mapping changes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15:xen-libs-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:xen-tools-domU-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-devel-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-tools-4.10.2_04-3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19961",
"url": "https://www.suse.com/security/cve/CVE-2018-19961"
},
{
"category": "external",
"summary": "SUSE Bug 1115040 for CVE-2018-19961",
"url": "https://bugzilla.suse.com/1115040"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2018-19961",
"url": "https://bugzilla.suse.com/1178658"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15:xen-libs-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:xen-tools-domU-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-devel-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-tools-4.10.2_04-3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15:xen-libs-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:xen-tools-domU-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-devel-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-tools-4.10.2_04-3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-12-28T17:38:50Z",
"details": "important"
}
],
"title": "CVE-2018-19961"
},
{
"cve": "CVE-2018-19962",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19962"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because small IOMMU mappings are unsafely combined into larger ones.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15:xen-libs-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:xen-tools-domU-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-devel-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-tools-4.10.2_04-3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19962",
"url": "https://www.suse.com/security/cve/CVE-2018-19962"
},
{
"category": "external",
"summary": "SUSE Bug 1115040 for CVE-2018-19962",
"url": "https://bugzilla.suse.com/1115040"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2018-19962",
"url": "https://bugzilla.suse.com/1178658"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15:xen-libs-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:xen-tools-domU-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-devel-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-tools-4.10.2_04-3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15:xen-libs-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:xen-tools-domU-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-devel-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-tools-4.10.2_04-3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-12-28T17:38:50Z",
"details": "important"
}
],
"title": "CVE-2018-19962"
},
{
"cve": "CVE-2018-19965",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19965"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Xen through 4.11.x allowing 64-bit PV guest OS users to cause a denial of service (host OS crash) because #GP[0] can occur after a non-canonical address is passed to the TLB flushing code. NOTE: this issue exists because of an incorrect CVE-2017-5754 (aka Meltdown) mitigation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15:xen-libs-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:xen-tools-domU-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-devel-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-tools-4.10.2_04-3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19965",
"url": "https://www.suse.com/security/cve/CVE-2018-19965"
},
{
"category": "external",
"summary": "SUSE Bug 1115045 for CVE-2018-19965",
"url": "https://bugzilla.suse.com/1115045"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15:xen-libs-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:xen-tools-domU-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-devel-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-tools-4.10.2_04-3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15:xen-libs-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:xen-tools-domU-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-devel-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-tools-4.10.2_04-3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-12-28T17:38:50Z",
"details": "moderate"
}
],
"title": "CVE-2018-19965"
},
{
"cve": "CVE-2018-19966",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19966"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service (host OS crash) or possibly gain host OS privileges because of an interpretation conflict for a union data structure associated with shadow paging. NOTE: this issue exists because of an incorrect fix for CVE-2017-15595.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15:xen-libs-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:xen-tools-domU-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-devel-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-tools-4.10.2_04-3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19966",
"url": "https://www.suse.com/security/cve/CVE-2018-19966"
},
{
"category": "external",
"summary": "SUSE Bug 1115047 for CVE-2018-19966",
"url": "https://bugzilla.suse.com/1115047"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2018-19966",
"url": "https://bugzilla.suse.com/1178658"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15:xen-libs-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:xen-tools-domU-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-devel-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-tools-4.10.2_04-3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15:xen-libs-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:xen-tools-domU-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-devel-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-tools-4.10.2_04-3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-12-28T17:38:50Z",
"details": "moderate"
}
],
"title": "CVE-2018-19966"
},
{
"cve": "CVE-2018-3646",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3646"
}
],
"notes": [
{
"category": "general",
"text": "Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15:xen-libs-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:xen-tools-domU-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-devel-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-tools-4.10.2_04-3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3646",
"url": "https://www.suse.com/security/cve/CVE-2018-3646"
},
{
"category": "external",
"summary": "SUSE Bug 1087078 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1087078"
},
{
"category": "external",
"summary": "SUSE Bug 1087081 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1087081"
},
{
"category": "external",
"summary": "SUSE Bug 1089343 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1089343"
},
{
"category": "external",
"summary": "SUSE Bug 1091107 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1091107"
},
{
"category": "external",
"summary": "SUSE Bug 1099306 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1099306"
},
{
"category": "external",
"summary": "SUSE Bug 1104365 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1104365"
},
{
"category": "external",
"summary": "SUSE Bug 1104894 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1104894"
},
{
"category": "external",
"summary": "SUSE Bug 1106548 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1106548"
},
{
"category": "external",
"summary": "SUSE Bug 1113534 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1113534"
},
{
"category": "external",
"summary": "SUSE Bug 1136865 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1136865"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1178658"
},
{
"category": "external",
"summary": "SUSE Bug 1201877 for CVE-2018-3646",
"url": "https://bugzilla.suse.com/1201877"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15:xen-libs-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:xen-tools-domU-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-devel-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-tools-4.10.2_04-3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15:xen-libs-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:xen-tools-domU-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-devel-4.10.2_04-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15:xen-tools-4.10.2_04-3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-12-28T17:38:50Z",
"details": "important"
}
],
"title": "CVE-2018-3646"
}
]
}
VAR-201808-0957
Vulnerability from variot - Updated: 2026-03-09 20:08Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis. These attacks are known as L1 Terminal Fault: SGX, L1 Terminal Fault: OS/SMM, and L1 Terminal Fault: VMM. 7.2) - noarch, x86_64
- Description:
The RHV-M Virtual Appliance automates the process of installing and configuring the Red Hat Virtualization Manager. The appliance is available to download as an OVA file from the Customer Portal. (CVE-2018-3620, CVE-2018-3646)
- A flaw named SegmentSmack was found in the way the Linux kernel handled specially crafted TCP packets. A remote attacker could use this flaw to trigger time and calculation expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() functions by sending specially modified packets within ongoing TCP sessions which could lead to a CPU saturation and hence a denial of service on the system. Maintaining the denial of service condition requires continuous two-way TCP sessions to a reachable open port, thus the attacks cannot be performed using spoofed IP addresses. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
APPLE-SA-2018-10-30-2 macOS Mojave 10.14.1, Security Update 2018-001 High Sierra, Security Update 2018-005 Sierra
macOS Mojave 10.14.1, Security Update 2018-001 High Sierra, and Security Update 2018-005 Sierra are now available and address the following:
afpserver Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: A remote attacker may be able to attack AFP servers through HTTP clients Description: An input validation issue was addressed with improved input validation. CVE-2018-4295: Jianjun Chen (@whucjj) from Tsinghua University and UC Berkeley
AppleGraphicsControl Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2018-4410: an anonymous researcher working with Trend Micro's Zero Day Initiative
AppleGraphicsControl Available for: macOS High Sierra 10.13.6 Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2018-4417: Lee of the Information Security Lab Yonsei University working with Trend Micro's Zero Day Initiative
APR Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: Multiple buffer overflow issues existed in Perl Description: Multiple issues in Perl were addressed with improved memory handling. CVE-2017-12613: Craig Young of Tripwire VERT CVE-2017-12618: Craig Young of Tripwire VERT
ATS Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: A malicious application may be able to elevate privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2018-4411: lilang wu moony Li of Trend Micro working with Trend Micro's Zero Day Initiative
ATS Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: An application may be able to read restricted memory Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2018-4308: Mohamed Ghannam (@_simo36)
CFNetwork Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4126: Bruno Keith (@bkth_) working with Trend Micro's Zero Day Initiative
CoreAnimation Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4415: Liang Zhuo working with Beyond Security's SecuriTeam Secure Disclosure
CoreCrypto Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14 Impact: An attacker may be able to exploit a weakness in the Miller-Rabin primality test to incorrectly identify prime numbers Description: An issue existed in the method for determining prime numbers. This issue was addressed by using pseudorandom bases for testing of primes. CVE-2018-4398: Martin Albrecht, Jake Massimo and Kenny Paterson of Royal Holloway, University of London, and Juraj Somorovsky of Ruhr University, Bochum
CoreFoundation Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: A malicious application may be able to elevate privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2018-4412: The UK's National Cyber Security Centre (NCSC)
CUPS Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: In certain configurations, a remote attacker may be able to replace the message content from the print server with arbitrary content Description: An injection issue was addressed with improved validation. CVE-2018-4153: Michael Hanselmann of hansmi.ch
CUPS Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: An attacker in a privileged position may be able to perform a denial of service attack Description: A denial of service issue was addressed with improved validation. CVE-2018-4406: Michael Hanselmann of hansmi.ch
Dictionary Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: Parsing a maliciously crafted dictionary file may lead to disclosure of user information Description: A validation issue existed which allowed local file access. This was addressed with input sanitization. CVE-2018-4346: Wojciech ReguAa (@_r3ggi) of SecuRing
Dock Available for: macOS Mojave 10.14 Impact: A malicious application may be able to access restricted files Description: This issue was addressed by removing additional entitlements. CVE-2018-4403: Patrick Wardle of Digita Security
dyld Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14 Impact: A malicious application may be able to elevate privileges Description: A logic issue was addressed with improved validation. This ensures that older data read from recently-written-to addresses cannot be read via a speculative side-channel. CVE-2018-3639: Jann Horn (@tehjh) of Google Project Zero (GPZ), Ken Johnson of the Microsoft Security Response Center (MSRC)
EFI Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14 Impact: A local user may be able to modify protected parts of the file system Description: A configuration issue was addressed with additional restrictions. CVE-2018-4342: Timothy Perfitt of Twocanoes Software
Foundation Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: Processing a maliciously crafted text file may lead to a denial of service Description: A denial of service issue was addressed with improved validation. CVE-2018-4304: jianan.huang (@Sevck)
Grand Central Dispatch Available for: macOS High Sierra 10.13.6 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4426: Brandon Azad
Heimdal Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-3646: Baris Kasikci, Daniel Genkin, Ofir Weisse, and Thomas F. Wenisch of University of Michigan, Mark Silberstein and Marina Minkin of Technion, Raoul Strackx, Jo Van Bulck, and Frank Piessens of KU Leuven, Rodrigo Branco, Henrique Kawakami, Ke Sun, and Kekai Hu of Intel Corporation, Yuval Yarom of The University of Adelaide
Hypervisor Available for: macOS Sierra 10.12.6 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption vulnerability was addressed with improved locking. CVE-2018-4242: Zhuo Liang of Qihoo 360 Nirvan Team
ICU Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14 Impact: Processing a maliciously crafted string may lead to heap corruption Description: A memory corruption issue was addressed with improved input validation. CVE-2018-4394: an anonymous researcher
Intel Graphics Driver Available for: macOS Sierra 10.12.6 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4334: Ian Beer of Google Project Zero
Intel Graphics Driver Available for: macOS High Sierra 10.13.6 Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2018-4396: Yu Wang of Didi Research America CVE-2018-4418: Yu Wang of Didi Research America
Intel Graphics Driver Available for: macOS High Sierra 10.13.6 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2018-4350: Yu Wang of Didi Research America
IOGraphics Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4422: an anonymous researcher working with Trend Micro's Zero Day Initiative
IOHIDFamily Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved input validation CVE-2018-4408: Ian Beer of Google Project Zero
IOKit Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4402: Proteas of Qihoo 360 Nirvan Team
IOKit Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: A malicious application may be able to break out of its sandbox Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4341: Ian Beer of Google Project Zero CVE-2018-4354: Ian Beer of Google Project Zero
IOUserEthernet Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4401: Apple
IPSec Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14 Impact: An application may be able to gain elevated privileges Description: An out-of-bounds read was addressed with improved input validation. CVE-2018-4371: Tim Michaud (@TimGMichaud) of Leviathan Security Group
Kernel Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed by removing the vulnerable code. CVE-2018-4420: Mohamed Ghannam (@_simo36)
Kernel Available for: macOS High Sierra 10.13.6 Impact: A malicious application may be able to leak sensitive user information Description: An access issue existed with privileged API calls. This issue was addressed with additional restrictions. CVE-2018-4399: Fabiano Anemone (@anoane)
Kernel Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4340: Mohamed Ghannam (@_simo36) CVE-2018-4419: Mohamed Ghannam (@_simo36) CVE-2018-4425: cc working with Trend Micro's Zero Day Initiative, Juwei Lin (@panicaII) of Trend Micro working with Trend Micro's Zero Day Initiative
Kernel Available for: macOS Sierra 10.12.6 Impact: Mounting a maliciously crafted NFS network share may lead to arbitrary code execution with system privileges Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4259: Kevin Backhouse of Semmle and LGTM.com CVE-2018-4286: Kevin Backhouse of Semmle and LGTM.com CVE-2018-4287: Kevin Backhouse of Semmle and LGTM.com CVE-2018-4288: Kevin Backhouse of Semmle and LGTM.com CVE-2018-4291: Kevin Backhouse of Semmle and LGTM.com
Kernel Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14 Impact: An application may be able to read restricted memory Description: A memory initialization issue was addressed with improved memory handling. CVE-2018-4413: Juwei Lin (@panicaII) of TrendMicro Mobile Security Team
Kernel Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: An attacker in a privileged network position may be able to execute arbitrary code Description: A memory corruption issue was addressed with improved validation. CVE-2018-4407: Kevin Backhouse of Semmle Ltd.
Kernel Available for: macOS Mojave 10.14 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A buffer overflow was addressed with improved size validation. CVE-2018-4424: Dr. Silvio Cesare of InfoSect
Login Window Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: A local user may be able to cause a denial of service Description: A validation issue was addressed with improved logic. CVE-2018-4348: Ken Gannon of MWR InfoSecurity and Christian Demko of MWR InfoSecurity
Mail Available for: macOS Mojave 10.14 Impact: Processing a maliciously crafted mail message may lead to UI spoofing Description: An inconsistent user interface issue was addressed with improved state management. CVE-2018-4389: Dropbox Offensive Security Team, Theodor Ragnar Gislason of Syndis
mDNSOffloadUserClient Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4326: an anonymous researcher working with Trend Micro's Zero Day Initiative, Zhuo Liang of Qihoo 360 Nirvan Team
MediaRemote Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: An access issue was addressed with additional sandbox restrictions. This ensures that implementation specific system registers cannot be leaked via a speculative execution side-channel. CVE-2018-3640: Innokentiy Sennovskiy from BiZone LLC (bi.zone), Zdenek Sojka, Rudolf Marek and Alex Zuepke from SYSGO AG (sysgo.com)
NetworkExtension Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14 Impact: Connecting to a VPN server may leak DNS queries to a DNS proxy Description: A logic issue was addressed with improved state management. CVE-2018-4369: an anonymous researcher
Perl Available for: macOS Sierra 10.12.6 Impact: Multiple buffer overflow issues existed in Perl Description: Multiple issues in Perl were addressed with improved memory handling. CVE-2018-6797: Brian Carpenter
Ruby Available for: macOS Sierra 10.12.6 Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: Multiple issues in Ruby were addressed in this update. CVE-2017-898 CVE-2017-10784 CVE-2017-14033 CVE-2017-14064 CVE-2017-17405 CVE-2017-17742 CVE-2018-6914 CVE-2018-8777 CVE-2018-8778 CVE-2018-8779 CVE-2018-8780
Security Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14 Impact: Processing a maliciously crafted S/MIME signed message may lead to a denial of service Description: A validation issue was addressed with improved logic. CVE-2018-4400: Yukinobu Nagayasu of LAC Co., Ltd.
Security Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: A local user may be able to cause a denial of service Description: This issue was addressed with improved checks. CVE-2018-4395: Patrick Wardle of Digita Security
Spotlight Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4393: Lufeng Li
Symptom Framework Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: An application may be able to read restricted memory Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2018-4203: Bruno Keith (@bkth_) working with Trend Micro's Zero Day Initiative
WiFi Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14 Impact: An attacker in a privileged position may be able to perform a denial of service attack Description: A denial of service issue was addressed with improved validation. CVE-2018-4368: Milan Stute and Alex Mariotto of Secure Mobile Networking Lab at Technische UniversitA$?t Darmstadt
Additional recognition
Calendar We would like to acknowledge an anonymous researcher for their assistance.
iBooks We would like to acknowledge Sem VoigtlA$?nder of Fontys Hogeschool ICT for their assistance.
Kernel We would like to acknowledge Brandon Azad for their assistance.
LaunchServices We would like to acknowledge Alok Menghrajani of Square for their assistance.
Quick Look We would like to acknowledge lokihardt of Google Project Zero for their assistance.
Security We would like to acknowledge Marinos Bernitsas of Parachute for their assistance.
Terminal We would like to acknowledge an anonymous researcher for their assistance.
Installation note:
macOS Mojave 10.14.1, Security Update 2018-001 High Sierra, and Security Update 2018-005 Sierra may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/
Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE-----
iQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAlvYkgYpHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3EcGQ// QbUbTOZRgxcStGZjs+qdXjeaXI6i1MKaky7o/iYCXf87crFu79PCsXyPU1jeMvoS tgDxz7ornlyaxR4wcSYzfcuIeY2ZH+dkxc7JJHQbKTW1dWYHpXUUzzNm+Ay/Gtk+ 2EIAgJ9oUf8FARR5cmcKBZfLFVdc40vpM3bBCV4m2Kr5KiDsqZKdZTujBQRccAsO HKRbhDecw0WX/CfEbLprs86uIXFMIoifhmh8LMebjzIQn2ozoFG6R31vMMHeDpir zf0xlVCJrJy/XywmkodhBWWrUWcM0hfsJ8EmyIBwFEYUxFhOV3D+x3rStd2kjyNL LG9oWclxDkjImQXdrL8IRAQfZvcVQFZK2vSGCYfRN0LY105sxjPjeIsJ0RORzcSN 2mlDR1UuTosk0GleDbmhv/ornfOc537UebwuHVWU5LpPNFkvY1Cv8zPrQAHewuod TmktkNuv2x2fgw9g7ntE88UBF9JMC+Ofs/FgJ67RkoT4R39P7VvaztHlmxmr/rIw TrSs7TDVqciz+DOMRKxyNPI1cpXM5ITCTvgbY4+RWwaFJzfgY+Gc+sldvVcb1x9I LlsI19MA0bsvi+ReOcLbWYuEHaVhVqZ7LndxR9m2gJ39L9jff+dOsSlznF4OLs+S t7Rz6i2mOpe6vXobkTUmml3m3zYIhL3XcdcYpw3U0F8= =uhgi -----END PGP SIGNATURE----- . Intel Core i3 processor, etc. are all CPU (central processing unit) products of Intel Corporation of the United States. Security vulnerabilities exist in several Intel products that use speculative execution and address translation. The following products are affected: Intel Core i3 processor; Intel Core i5 processor; Intel Core i7 processor; Intel Core M processor family; 2nd generation Intel Core processors; 3rd generation Intel Core processors; 4th generation Intel Core processors; 5th generation Intel Core processors, etc.
To fully resolve these vulnerabilities it is also necessary to install updated CPU microcode (only available in Debian non-free). Common server class CPUs are covered in the update released as DSA 4273-1.
For the stable distribution (stretch), these problems have been fixed in version 4.9.110-3+deb9u3. ========================================================================= Ubuntu Security Notice USN-3742-2 August 14, 2018
linux-lts-trusty vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 ESM
Summary:
Several security issues were fixed in the Linux kernel. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 14.04 for Ubuntu 12.04 ESM.
It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. A local attacker in a guest virtual machine could use this to expose sensitive information (memory from other guests or the host OS). (CVE-2018-3646)
It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. (CVE-2018-3620)
Andrey Konovalov discovered an out-of-bounds read in the POSIX timers subsystem in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information. A remote attacker could use this to cause a denial of service. (CVE-2018-5390)
Juha-Matti Tilli discovered that the IP implementation in the Linux kernel performed algorithmically expensive operations in some situations when handling incoming packet fragments. A remote attacker could use this to cause a denial of service. (CVE-2018-5391)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04 ESM: linux-image-3.13.0-155-generic 3.13.0-155.206~precise1 linux-image-3.13.0-155-generic-lpae 3.13.0-155.206~precise1 linux-image-generic-lpae-lts-trusty 3.13.0.155.145 linux-image-generic-lts-trusty 3.13.0.155.145
Please note that the recommended mitigation for CVE-2018-3646 involves updating processor microcode in addition to updating the kernel; however, the kernel includes a fallback for processors that have not received microcode updates.
ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2018:2387-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2018:2387 Issue date: 2018-08-14 CVE Names: CVE-2018-3620 CVE-2018-3639 CVE-2018-3646 ==================================================================== 1. Summary:
An update for kernel is now available for Red Hat Enterprise Linux 7.4 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux ComputeNode EUS (v. 7.4) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.4) - x86_64 Red Hat Enterprise Linux Server EUS (v. 7.4) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional EUS (v. 7.4) - ppc64, ppc64le, x86_64
- Description:
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
-
Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF issue was found in the way the x86 microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimisation) in combination with handling of page-faults caused by terminated virtual to physical address resolving process. As a result, an unprivileged attacker could use this flaw to read privileged memory of the kernel or other processes and/or cross guest/host boundaries to read host memory by conducting targeted cache side-channel attacks. (CVE-2018-3620, CVE-2018-3646)
-
An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks.
Bug Fix(es):
-
Previously, configurations with the little-endian variant of IBM Power Systems CPU architectures and Hard Disk Drives (HDD) designed according to Nonvolatile Memory Express (NVMe) open standards, experienced crashes during shutdown or reboot due to race conditions of CPUs. As a consequence, the sysfs pseudo file system threw a stack trace report about an attempt to create a duplicate entry in sysfs. This update modifies the source code so that the irq_dispose_mapping() function is called first and the msi_bitmap_free_hwirqs() function is called afterwards. As a result, the race condition no longer appears in the described scenario. (BZ#1570510)
-
When switching from the indirect branch speculation (IBRS) feature to the retpolines feature, the IBRS state of some CPUs was sometimes not handled correctly. Consequently, some CPUs were left with the IBRS Model-Specific Register (MSR) bit set to 1, which could lead to performance issues. With this update, the underlying source code has been fixed to clear the IBRS MSR bits correctly, thus fixing the bug. (BZ#1586147)
-
During a balloon reset, page pointers were not correctly initialized after unmapping the memory. Consequently, on the VMware ESXi hypervisor with "Fault Tolerance" and "ballooning" enabled, the following messages repeatedly occurred in the kernel log:
[3014611.640148] WARNING: at mm/vmalloc.c:1491 __vunmap+0xd3/0x100() [3014611.640269] Trying to vfree() nonexistent vm area (ffffc90000697000)
With this update, the underlying source code has been fixed to initialize page pointers properly. As a result, the mm/vmalloc.c warnings no longer occur under the described circumstances. (BZ#1595600)
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
- Bugs fixed (https://bugzilla.redhat.com/):
1566890 - CVE-2018-3639 hw: cpu: speculative store bypass 1585005 - CVE-2018-3646 Kernel: hw: cpu: L1 terminal fault (L1TF)
- Package List:
Red Hat Enterprise Linux ComputeNode EUS (v. 7.4):
Source: kernel-3.10.0-693.37.4.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-693.37.4.el7.noarch.rpm kernel-doc-3.10.0-693.37.4.el7.noarch.rpm
x86_64: kernel-3.10.0-693.37.4.el7.x86_64.rpm kernel-debug-3.10.0-693.37.4.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm kernel-debug-devel-3.10.0-693.37.4.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.37.4.el7.x86_64.rpm kernel-devel-3.10.0-693.37.4.el7.x86_64.rpm kernel-headers-3.10.0-693.37.4.el7.x86_64.rpm kernel-tools-3.10.0-693.37.4.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm kernel-tools-libs-3.10.0-693.37.4.el7.x86_64.rpm perf-3.10.0-693.37.4.el7.x86_64.rpm perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm python-perf-3.10.0-693.37.4.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.4):
x86_64: kernel-debug-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.37.4.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-693.37.4.el7.x86_64.rpm perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm
Red Hat Enterprise Linux Server EUS (v. 7.4):
Source: kernel-3.10.0-693.37.4.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-693.37.4.el7.noarch.rpm kernel-doc-3.10.0-693.37.4.el7.noarch.rpm
ppc64: kernel-3.10.0-693.37.4.el7.ppc64.rpm kernel-bootwrapper-3.10.0-693.37.4.el7.ppc64.rpm kernel-debug-3.10.0-693.37.4.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm kernel-debug-devel-3.10.0-693.37.4.el7.ppc64.rpm kernel-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-693.37.4.el7.ppc64.rpm kernel-devel-3.10.0-693.37.4.el7.ppc64.rpm kernel-headers-3.10.0-693.37.4.el7.ppc64.rpm kernel-tools-3.10.0-693.37.4.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm kernel-tools-libs-3.10.0-693.37.4.el7.ppc64.rpm perf-3.10.0-693.37.4.el7.ppc64.rpm perf-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm python-perf-3.10.0-693.37.4.el7.ppc64.rpm python-perf-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm
ppc64le: kernel-3.10.0-693.37.4.el7.ppc64le.rpm kernel-bootwrapper-3.10.0-693.37.4.el7.ppc64le.rpm kernel-debug-3.10.0-693.37.4.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm kernel-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-693.37.4.el7.ppc64le.rpm kernel-devel-3.10.0-693.37.4.el7.ppc64le.rpm kernel-headers-3.10.0-693.37.4.el7.ppc64le.rpm kernel-tools-3.10.0-693.37.4.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm kernel-tools-libs-3.10.0-693.37.4.el7.ppc64le.rpm perf-3.10.0-693.37.4.el7.ppc64le.rpm perf-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm python-perf-3.10.0-693.37.4.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm
s390x: kernel-3.10.0-693.37.4.el7.s390x.rpm kernel-debug-3.10.0-693.37.4.el7.s390x.rpm kernel-debug-debuginfo-3.10.0-693.37.4.el7.s390x.rpm kernel-debug-devel-3.10.0-693.37.4.el7.s390x.rpm kernel-debuginfo-3.10.0-693.37.4.el7.s390x.rpm kernel-debuginfo-common-s390x-3.10.0-693.37.4.el7.s390x.rpm kernel-devel-3.10.0-693.37.4.el7.s390x.rpm kernel-headers-3.10.0-693.37.4.el7.s390x.rpm kernel-kdump-3.10.0-693.37.4.el7.s390x.rpm kernel-kdump-debuginfo-3.10.0-693.37.4.el7.s390x.rpm kernel-kdump-devel-3.10.0-693.37.4.el7.s390x.rpm perf-3.10.0-693.37.4.el7.s390x.rpm perf-debuginfo-3.10.0-693.37.4.el7.s390x.rpm python-perf-3.10.0-693.37.4.el7.s390x.rpm python-perf-debuginfo-3.10.0-693.37.4.el7.s390x.rpm
x86_64: kernel-3.10.0-693.37.4.el7.x86_64.rpm kernel-debug-3.10.0-693.37.4.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm kernel-debug-devel-3.10.0-693.37.4.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.37.4.el7.x86_64.rpm kernel-devel-3.10.0-693.37.4.el7.x86_64.rpm kernel-headers-3.10.0-693.37.4.el7.x86_64.rpm kernel-tools-3.10.0-693.37.4.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm kernel-tools-libs-3.10.0-693.37.4.el7.x86_64.rpm perf-3.10.0-693.37.4.el7.x86_64.rpm perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm python-perf-3.10.0-693.37.4.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional EUS (v. 7.4):
ppc64: kernel-debug-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm kernel-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-693.37.4.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm kernel-tools-libs-devel-3.10.0-693.37.4.el7.ppc64.rpm perf-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm python-perf-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm
ppc64le: kernel-debug-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm kernel-debug-devel-3.10.0-693.37.4.el7.ppc64le.rpm kernel-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-693.37.4.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm kernel-tools-libs-devel-3.10.0-693.37.4.el7.ppc64le.rpm perf-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm
x86_64: kernel-debug-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.37.4.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-693.37.4.el7.x86_64.rpm perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2018-3620 https://access.redhat.com/security/cve/CVE-2018-3639 https://access.redhat.com/security/cve/CVE-2018-3646 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/L1TF
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2018 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBW3M4idzjgjWX9erEAQigJg//W8NS9ZAq71IYQ/6q5hTZBUeg3RsIJL4U OOCTlpLe3pH45ueU4Pm1HPopyyBHLGo988ZXPkH4z/jKW6txO3RDzf/blyWIwxwi dr76FUaMMLUk0ASeGcisZppOt/6zwrp2tfn+TyiC3pK0K5nTp+WVO5xYy5iecXVX 96M3wIhCIlshYPc1/F8zdYuBFzpYgBnotag//FjyCQlhmOFcKtTRgyQrSuf1ZxnL VNQ7UuVGjPWeF0w0OJrb6U7+pVrlwAvtwYkUjm/eFh/AszTe7uZ6C6mG8XAobDrl SpxhyqMTcplrKxvl0S01xuezVbVo8RdoAtrW9+xseozknta4cu7RHe0ZSsonY/xN RiAingIwsVde+g9KOv8jeleACBZu8mmJptkYbVb1IHPcp+1FzXXAkUc1i/oc7XBU lIfe49O3L2GyhI+0hUwhbPuc51L8yHmpr39KM1irKIRWsY692n32LVns3L6Kr0tW iWlhz4F2e5SNb2zlu3sMRQ4M0kf6JPX8VdRL1qMpfNoa9Ci4wYt+zP29//F6swji uwu3+SVH5VTW9VzymSCaQl/gD0loWPKVLFrTF5M9Y9+cl0uXn7CoW2LUNB86PhRz mMG+g2ZW9WbKcW/ERHofeii5WZGtsyA4FnUaWhzetfQIItEpmoobE9QVl0ar5GJ2 dsE8Ald7hA4=scjp -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . 6.4) - x86_64
-
(CVE-2018-3639)
-
kernel: kvm: vmx: host GDT limit corruption (CVE-2018-10901)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Unfortunately, the update introduced regressions that caused kernel panics when booting in some environments as well as preventing Java applications from starting. This update fixes the problems.
We apologize for the inconvenience. Description:
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Bug Fix(es):
- The kernel-rt packages have been upgraded to the 3.10.0-693.37.1 source tree, which provides a number of bug fixes over the previous version. (BZ#1599860)
4
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "930"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6400"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "720qm"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2655le"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3470"
},
{
"_id": null,
"model": "core m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5y31"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "550"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6585r"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8550u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4210m"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4150t"
},
{
"_id": null,
"model": "core m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5y10c"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4150"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "740qm"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4350t"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6300hq"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "920xm"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3340m"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3630qm"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4720hq"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4000m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2405s"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8100"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4670k"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2435m"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4770"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3770t"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "620m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3380m"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4360"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5350u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2410m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6400t"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3317u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4700ec"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4160t"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3339y"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "460m"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2620m"
},
{
"_id": null,
"model": "core m3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7y32"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "950"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2960xm"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4570s"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "840qm"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8700k"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4330m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2400s"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4500u"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4160"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4400e"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6300t"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5750hq"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4570r"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8350u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2760qm"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "650"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6685r"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "520um"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3770s"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3570k"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7700k"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4130"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "970"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5550u"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3225"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6260u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2310"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "875k"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "680"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5350h"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3840qm"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4308u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2920xm"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2340ue"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3240"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4712mq"
},
{
"_id": null,
"model": "core m3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7y30"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4670s"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3230m"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2720qm"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4130t"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5775c"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3227u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "760"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5700eq"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4330t"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4460"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6600"
},
{
"_id": null,
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "*"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5675c"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4790"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4702mq"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4570"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5557u"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5157u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3517u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2629m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2380p"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5257u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4700mq"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4005u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "560um"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "640lm"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6600t"
},
{
"_id": null,
"model": "core m5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6y57"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "820qm"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2600k"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2675qm"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2310m"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6100u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5300u"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8350k"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3220"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3475s"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4460t"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4340te"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4310u"
},
{
"_id": null,
"model": "core m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5y10"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4460s"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2860qm"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2637m"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3120m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4210u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5200u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "580m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4260u"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "560"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4690k"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5675r"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3612qm"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2500"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4750hq"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4785t"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3610qm"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4770t"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2600s"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4722hq"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5500u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8650u"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2120"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4600m"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2375m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4340m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2500s"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2540m"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5600u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "430um"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6100t"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4590s"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3720qm"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4860hq"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2820qm"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2310e"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3210"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4770te"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3217u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7820eq"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "670"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "960"
},
{
"_id": null,
"model": "core m7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6y75"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2102"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4170t"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6440eq"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3610me"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3610qe"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2700k"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2330e"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "470um"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "640m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4210y"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2649m"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2600"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "330um"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3550"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4370t"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6402p"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "610e"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4950hq"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "540um"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2300"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "530"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "520m"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "660lm"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "660um"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "860"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4770s"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4402e"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "870"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2390t"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2617m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2515e"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "560m"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3667u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4600u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2467m"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4850hq"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5775r"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2557m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4570te"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "620le"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4440s"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4578u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4800mq"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "350m"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4030u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4300m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4430"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "540"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6500t"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4670"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4350"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "870s"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2550k"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3689y"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5700hq"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4910mq"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7820hk"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4440"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6287u"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4100u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3350p"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4202y"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3437u"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6100h"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4300y"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4700eq"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7500u"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4100m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8250u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2320"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6157u"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4110e"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4100e"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4370"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4610m"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4550u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3520m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4200u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7660u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4410e"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "750"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "980x"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2670qm"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4340"
},
{
"_id": null,
"model": "core m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5y51"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "640um"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4250u"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "370m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "540m"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4360t"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4770r"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2430m"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2357m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3550s"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "940"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7820hq"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3330"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6006u"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4158u"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3217ue"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3360m"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4112e"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2348m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3570"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4012y"
},
{
"_id": null,
"model": "core m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5y70"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4771"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "520e"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2120t"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3229y"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4702ec"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5650u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "620um"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "980"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "620ue"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "480m"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "620lm"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2100"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "430m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3330s"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4278u"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3130m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6200u"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "380m"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4510u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2640m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3340"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4690"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4200m"
},
{
"_id": null,
"model": "core m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5y71"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2125"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2370m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3427u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5575r"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3250t"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4558u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4710mq"
},
{
"_id": null,
"model": "core m3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6y30"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2630qm"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3517ue"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4422e"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3320m"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4770hq"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3245"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2510e"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2312m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4310m"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3632qm"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4710hq"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "660"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4200y"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5015u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6267u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3687u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4300u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4790s"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7700"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3635qm"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6167u"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4330te"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "860s"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7567u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4765t"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4670t"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3240t"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3340s"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "965"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3450"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3115c"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7700t"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5287u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "940xm"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6100te"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "660ue"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "975"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2635qm"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2450m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4670r"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3615qm"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6300"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4770k"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3470s"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4790t"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4712hq"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4760hq"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "655k"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4200h"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "990x"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2450p"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4102e"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8700"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8600k"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3615qe"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4960hq"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4810mq"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7600u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3450s"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8400"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5950hq"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4030y"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4210h"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4360u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6442eq"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3210m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3439y"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6300u"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2365m"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5850eq"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6098p"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3120me"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7560u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4790k"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3110m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4288u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "750s"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3612qe"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3540m"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7y75"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4900mq"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2537m"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6102e"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3250"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3555le"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4350u"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5020u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4590"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3220t"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "661"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2677m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4302y"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7700hq"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4258u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3337u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6600k"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4330"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2100t"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4010y"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4610y"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2657m"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6100e"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2330m"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5010u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5250u"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4010u"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2377m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4590t"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4690t"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2115c"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2500k"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3470t"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2710qe"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2400"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "880"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "920"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4700hq"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4170"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3820qm"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2520m"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4120u"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2350m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4220y"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6500te"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4650u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3770k"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2367m"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4110m"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3740qm"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6350hq"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4430s"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4980hq"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6320"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5005u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4402ec"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "680um"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2715qe"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4020y"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2130"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "450m"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2500t"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4702hq"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5850hq"
},
{
"_id": null,
"model": "core m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5y10a"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "330e"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3570t"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6500"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2610ue"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "390m"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2328m"
},
{
"_id": null,
"model": "core m5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6y54"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "380um"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2105"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4025u"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4570t"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4690s"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3570s"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6360u"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7920hq"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "330m"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3770"
},
{
"_id": null,
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6100"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4870hq"
},
{
"_id": null,
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6440hq"
},
{
"_id": null,
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3537u"
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#982149"
},
{
"db": "NVD",
"id": "CVE-2018-3646"
}
]
},
"credits": {
"_id": null,
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "148908"
},
{
"db": "PACKETSTORM",
"id": "148952"
},
{
"db": "PACKETSTORM",
"id": "148903"
},
{
"db": "PACKETSTORM",
"id": "148902"
},
{
"db": "PACKETSTORM",
"id": "148905"
},
{
"db": "PACKETSTORM",
"id": "148906"
}
],
"trust": 0.6
},
"cve": "CVE-2018-3646",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "CVE-2018-3646",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "VHN-133677",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:M/AU:N/C:C/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.1,
"id": "CVE-2018-3646",
"impactScore": 4.0,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-3646",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-133677",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2018-3646",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-133677"
},
{
"db": "VULMON",
"id": "CVE-2018-3646"
},
{
"db": "NVD",
"id": "CVE-2018-3646"
}
]
},
"description": {
"_id": null,
"data": "Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis. These attacks are known as L1 Terminal Fault: SGX, L1 Terminal Fault: OS/SMM, and L1 Terminal Fault: VMM. 7.2) - noarch, x86_64\n\n3. Description:\n\nThe RHV-M Virtual Appliance automates the process of installing and\nconfiguring the Red Hat Virtualization Manager. The appliance is available\nto download as an OVA file from the Customer Portal. (CVE-2018-3620,\nCVE-2018-3646)\n\n* A flaw named SegmentSmack was found in the way the Linux kernel handled\nspecially crafted TCP packets. A remote attacker could use this flaw to\ntrigger time and calculation expensive calls to tcp_collapse_ofo_queue()\nand tcp_prune_ofo_queue() functions by sending specially modified packets\nwithin ongoing TCP sessions which could lead to a CPU saturation and hence\na denial of service on the system. Maintaining the denial of service\ncondition requires continuous two-way TCP sessions to a reachable open\nport, thus the attacks cannot be performed using spoofed IP addresses. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nAPPLE-SA-2018-10-30-2 macOS Mojave 10.14.1, Security Update 2018-001\nHigh Sierra, Security Update 2018-005 Sierra\n\nmacOS Mojave 10.14.1, Security Update 2018-001 High Sierra, and\nSecurity Update 2018-005 Sierra are now available and address\nthe following:\n\nafpserver\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\nImpact: A remote attacker may be able to attack AFP servers through\nHTTP clients\nDescription: An input validation issue was addressed with improved\ninput validation. \nCVE-2018-4295: Jianjun Chen (@whucjj) from Tsinghua University and UC\nBerkeley\n\nAppleGraphicsControl\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS\nMojave 10.14\nImpact: An application may be able to execute arbitrary code with\nsystem privileges\nDescription: A memory corruption issue was addressed with improved\ninput validation. \nCVE-2018-4410: an anonymous researcher working with Trend Micro\u0027s\nZero Day Initiative\n\nAppleGraphicsControl\nAvailable for: macOS High Sierra 10.13.6\nImpact: An application may be able to read restricted memory\nDescription: A validation issue was addressed with improved input\nsanitization. \nCVE-2018-4417: Lee of the Information Security Lab Yonsei University\nworking with Trend Micro\u0027s Zero Day Initiative\n\nAPR\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\nImpact: Multiple buffer overflow issues existed in Perl\nDescription: Multiple issues in Perl were addressed with improved\nmemory handling. \nCVE-2017-12613: Craig Young of Tripwire VERT\nCVE-2017-12618: Craig Young of Tripwire VERT\n\nATS\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\nImpact: A malicious application may be able to elevate privileges\nDescription: A memory corruption issue was addressed with improved\ninput validation. \nCVE-2018-4411: lilang wu moony Li of Trend Micro working with Trend\nMicro\u0027s Zero Day Initiative\n\nATS\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\nImpact: An application may be able to read restricted memory\nDescription: An out-of-bounds read was addressed with improved bounds\nchecking. \nCVE-2018-4308: Mohamed Ghannam (@_simo36)\n\nCFNetwork\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\nImpact: An application may be able to execute arbitrary code with\nsystem privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2018-4126: Bruno Keith (@bkth_) working with Trend Micro\u0027s Zero\nDay Initiative\n\nCoreAnimation\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS\nMojave 10.14\nImpact: An application may be able to execute arbitrary code with\nsystem privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2018-4415: Liang Zhuo working with Beyond Security\u0027s SecuriTeam\nSecure Disclosure\n\nCoreCrypto\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS\nMojave 10.14\nImpact: An attacker may be able to exploit a weakness in the\nMiller-Rabin primality test to incorrectly identify prime numbers\nDescription: An issue existed in the method for determining prime\nnumbers. This issue was addressed by using pseudorandom bases for\ntesting of primes. \nCVE-2018-4398: Martin Albrecht, Jake Massimo and Kenny Paterson of\nRoyal Holloway, University of London, and Juraj Somorovsky of Ruhr\nUniversity, Bochum\n\nCoreFoundation\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\nImpact: A malicious application may be able to elevate privileges\nDescription: A memory corruption issue was addressed with improved\ninput validation. \nCVE-2018-4412: The UK\u0027s National Cyber Security Centre (NCSC)\n\nCUPS\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\nImpact: In certain configurations, a remote attacker may be able to\nreplace the message content from the print server with arbitrary\ncontent\nDescription: An injection issue was addressed with improved\nvalidation. \nCVE-2018-4153: Michael Hanselmann of hansmi.ch\n\nCUPS\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\nImpact: An attacker in a privileged position may be able to perform a\ndenial of service attack\nDescription: A denial of service issue was addressed with improved\nvalidation. \nCVE-2018-4406: Michael Hanselmann of hansmi.ch\n\nDictionary\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\nImpact: Parsing a maliciously crafted dictionary file may lead to\ndisclosure of user information\nDescription: A validation issue existed which allowed local file\naccess. This was addressed with input sanitization. \nCVE-2018-4346: Wojciech ReguAa (@_r3ggi) of SecuRing\n\nDock\nAvailable for: macOS Mojave 10.14\nImpact: A malicious application may be able to access restricted\nfiles\nDescription: This issue was addressed by removing additional\nentitlements. \nCVE-2018-4403: Patrick Wardle of Digita Security\n\ndyld\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS\nMojave 10.14\nImpact: A malicious application may be able to elevate privileges\nDescription: A logic issue was addressed with improved validation. This ensures that older data read from\nrecently-written-to addresses cannot be read via a speculative\nside-channel. \nCVE-2018-3639: Jann Horn (@tehjh) of Google Project Zero (GPZ), Ken\nJohnson of the Microsoft Security Response Center (MSRC)\n\nEFI\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14\nImpact: A local user may be able to modify protected parts of the\nfile system\nDescription: A configuration issue was addressed with additional\nrestrictions. \nCVE-2018-4342: Timothy Perfitt of Twocanoes Software\n\nFoundation\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\nImpact: Processing a maliciously crafted text file may lead to a\ndenial of service\nDescription: A denial of service issue was addressed with improved\nvalidation. \nCVE-2018-4304: jianan.huang (@Sevck)\n\nGrand Central Dispatch\nAvailable for: macOS High Sierra 10.13.6\nImpact: An application may be able to execute arbitrary code with\nsystem privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2018-4426: Brandon Azad\n\nHeimdal\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\nImpact: An application may be able to execute arbitrary code with\nsystem privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2018-3646: Baris Kasikci, Daniel Genkin, Ofir Weisse, and Thomas\nF. Wenisch of University of Michigan, Mark Silberstein and Marina\nMinkin of Technion, Raoul Strackx, Jo Van Bulck, and Frank Piessens\nof KU Leuven, Rodrigo Branco, Henrique Kawakami, Ke Sun, and Kekai Hu\nof Intel Corporation, Yuval Yarom of The University of Adelaide\n\nHypervisor\nAvailable for: macOS Sierra 10.12.6\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption vulnerability was addressed with\nimproved locking. \nCVE-2018-4242: Zhuo Liang of Qihoo 360 Nirvan Team\n\nICU\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS\nMojave 10.14\nImpact: Processing a maliciously crafted string may lead to heap\ncorruption\nDescription: A memory corruption issue was addressed with improved\ninput validation. \nCVE-2018-4394: an anonymous researcher\n\nIntel Graphics Driver\nAvailable for: macOS Sierra 10.12.6\nImpact: An application may be able to execute arbitrary code with\nsystem privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2018-4334: Ian Beer of Google Project Zero\n\nIntel Graphics Driver\nAvailable for: macOS High Sierra 10.13.6\nImpact: An application may be able to read restricted memory\nDescription: A validation issue was addressed with improved input\nsanitization. \nCVE-2018-4396: Yu Wang of Didi Research America\nCVE-2018-4418: Yu Wang of Didi Research America\n\nIntel Graphics Driver\nAvailable for: macOS High Sierra 10.13.6\nImpact: An application may be able to execute arbitrary code with\nsystem privileges\nDescription: A memory corruption issue was addressed with improved\ninput validation. \nCVE-2018-4350: Yu Wang of Didi Research America\n\nIOGraphics\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS\nMojave 10.14\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2018-4422: an anonymous researcher working with Trend Micro\u0027s\nZero Day Initiative\n\nIOHIDFamily\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\nImpact: A malicious application may be able to execute arbitrary code\nwith kernel privileges\nDescription: A memory corruption issue was addressed with improved\ninput validation\nCVE-2018-4408: Ian Beer of Google Project Zero\n\nIOKit\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS\nMojave 10.14\nImpact: An application may be able to execute arbitrary code with\nsystem privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2018-4402: Proteas of Qihoo 360 Nirvan Team\n\nIOKit\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\nImpact: A malicious application may be able to break out of its\nsandbox\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2018-4341: Ian Beer of Google Project Zero\nCVE-2018-4354: Ian Beer of Google Project Zero\n\nIOUserEthernet\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2018-4401: Apple\n\nIPSec\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS\nMojave 10.14\nImpact: An application may be able to gain elevated privileges\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2018-4371: Tim Michaud (@TimGMichaud) of Leviathan Security Group\n\nKernel\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS\nMojave 10.14\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed by removing the\nvulnerable code. \nCVE-2018-4420: Mohamed Ghannam (@_simo36)\n\nKernel\nAvailable for: macOS High Sierra 10.13.6\nImpact: A malicious application may be able to leak sensitive user\ninformation\nDescription: An access issue existed with privileged API calls. This\nissue was addressed with additional restrictions. \nCVE-2018-4399: Fabiano Anemone (@anoane)\n\nKernel\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS\nMojave 10.14\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2018-4340: Mohamed Ghannam (@_simo36)\nCVE-2018-4419: Mohamed Ghannam (@_simo36)\nCVE-2018-4425: cc working with Trend Micro\u0027s Zero Day Initiative,\nJuwei Lin (@panicaII) of Trend Micro working with Trend Micro\u0027s Zero\nDay Initiative\n\nKernel\nAvailable for: macOS Sierra 10.12.6\nImpact: Mounting a maliciously crafted NFS network share may lead to\narbitrary code execution with system privileges\nDescription: Multiple memory corruption issues were addressed with\nimproved memory handling. \nCVE-2018-4259: Kevin Backhouse of Semmle and LGTM.com\nCVE-2018-4286: Kevin Backhouse of Semmle and LGTM.com\nCVE-2018-4287: Kevin Backhouse of Semmle and LGTM.com\nCVE-2018-4288: Kevin Backhouse of Semmle and LGTM.com\nCVE-2018-4291: Kevin Backhouse of Semmle and LGTM.com\n\nKernel\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS\nMojave 10.14\nImpact: An application may be able to read restricted memory\nDescription: A memory initialization issue was addressed with\nimproved memory handling. \nCVE-2018-4413: Juwei Lin (@panicaII) of TrendMicro Mobile Security\nTeam\n\nKernel\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\nImpact: An attacker in a privileged network position may be able to\nexecute arbitrary code\nDescription: A memory corruption issue was addressed with improved\nvalidation. \nCVE-2018-4407: Kevin Backhouse of Semmle Ltd. \n\nKernel\nAvailable for: macOS Mojave 10.14\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A buffer overflow was addressed with improved size\nvalidation. \nCVE-2018-4424: Dr. Silvio Cesare of InfoSect\n\nLogin Window\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\nImpact: A local user may be able to cause a denial of service\nDescription: A validation issue was addressed with improved logic. \nCVE-2018-4348: Ken Gannon of MWR InfoSecurity and Christian Demko of\nMWR InfoSecurity\n\nMail\nAvailable for: macOS Mojave 10.14\nImpact: Processing a maliciously crafted mail message may lead to UI\nspoofing\nDescription: An inconsistent user interface issue was addressed with\nimproved state management. \nCVE-2018-4389: Dropbox Offensive Security Team, Theodor Ragnar\nGislason of Syndis\n\nmDNSOffloadUserClient\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2018-4326: an anonymous researcher working with Trend Micro\u0027s\nZero Day Initiative, Zhuo Liang of Qihoo 360 Nirvan Team\n\nMediaRemote\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\nImpact: A sandboxed process may be able to circumvent sandbox\nrestrictions\nDescription: An access issue was addressed with additional sandbox\nrestrictions. This ensures that implementation specific system\nregisters cannot be leaked via a speculative execution side-channel. \nCVE-2018-3640: Innokentiy Sennovskiy from BiZone LLC (bi.zone),\nZdenek Sojka, Rudolf Marek and Alex Zuepke from SYSGO AG (sysgo.com)\n\nNetworkExtension\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14\nImpact: Connecting to a VPN server may leak DNS queries to a DNS\nproxy\nDescription: A logic issue was addressed with improved state\nmanagement. \nCVE-2018-4369: an anonymous researcher\n\nPerl\nAvailable for: macOS Sierra 10.12.6\nImpact: Multiple buffer overflow issues existed in Perl\nDescription: Multiple issues in Perl were addressed with improved\nmemory handling. \nCVE-2018-6797: Brian Carpenter\n\nRuby\nAvailable for: macOS Sierra 10.12.6\nImpact: A remote attacker may be able to cause unexpected application\ntermination or arbitrary code execution\nDescription: Multiple issues in Ruby were addressed in this update. \nCVE-2017-898\nCVE-2017-10784\nCVE-2017-14033\nCVE-2017-14064\nCVE-2017-17405\nCVE-2017-17742\nCVE-2018-6914\nCVE-2018-8777\nCVE-2018-8778\nCVE-2018-8779\nCVE-2018-8780\n\nSecurity\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS\nMojave 10.14\nImpact: Processing a maliciously crafted S/MIME signed message may\nlead to a denial of service\nDescription: A validation issue was addressed with improved logic. \nCVE-2018-4400: Yukinobu Nagayasu of LAC Co., Ltd. \n\nSecurity\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\nImpact: A local user may be able to cause a denial of service\nDescription: This issue was addressed with improved checks. \nCVE-2018-4395: Patrick Wardle of Digita Security\n\nSpotlight\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\nImpact: An application may be able to execute arbitrary code with\nsystem privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2018-4393: Lufeng Li\n\nSymptom Framework\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\nImpact: An application may be able to read restricted memory\nDescription: An out-of-bounds read was addressed with improved bounds\nchecking. \nCVE-2018-4203: Bruno Keith (@bkth_) working with Trend Micro\u0027s Zero\nDay Initiative\n\nWiFi\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS\nMojave 10.14\nImpact: An attacker in a privileged position may be able to perform a\ndenial of service attack\nDescription: A denial of service issue was addressed with improved\nvalidation. \nCVE-2018-4368: Milan Stute and Alex Mariotto of Secure Mobile\nNetworking Lab at Technische UniversitA$?t Darmstadt\n\nAdditional recognition\n\nCalendar\nWe would like to acknowledge an anonymous researcher for their\nassistance. \n\niBooks\nWe would like to acknowledge Sem VoigtlA$?nder of Fontys Hogeschool \nICT for their assistance. \n\nKernel\nWe would like to acknowledge Brandon Azad for their assistance. \n\nLaunchServices\nWe would like to acknowledge Alok Menghrajani of Square for their\nassistance. \n\nQuick Look\nWe would like to acknowledge lokihardt of Google Project Zero for\ntheir assistance. \n\nSecurity\nWe would like to acknowledge Marinos Bernitsas of Parachute for their\nassistance. \n\nTerminal\nWe would like to acknowledge an anonymous researcher for their\nassistance. \n\nInstallation note:\n\nmacOS Mojave 10.14.1, Security Update 2018-001 High Sierra, and\nSecurity Update 2018-005 Sierra may be obtained from the\nMac App Store or Apple\u0027s Software Downloads web site:\nhttps://support.apple.com/downloads/\n\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n-----BEGIN PGP SIGNATURE-----\n\niQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAlvYkgYpHHByb2R1Y3Qt\nc2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3EcGQ//\nQbUbTOZRgxcStGZjs+qdXjeaXI6i1MKaky7o/iYCXf87crFu79PCsXyPU1jeMvoS\ntgDxz7ornlyaxR4wcSYzfcuIeY2ZH+dkxc7JJHQbKTW1dWYHpXUUzzNm+Ay/Gtk+\n2EIAgJ9oUf8FARR5cmcKBZfLFVdc40vpM3bBCV4m2Kr5KiDsqZKdZTujBQRccAsO\nHKRbhDecw0WX/CfEbLprs86uIXFMIoifhmh8LMebjzIQn2ozoFG6R31vMMHeDpir\nzf0xlVCJrJy/XywmkodhBWWrUWcM0hfsJ8EmyIBwFEYUxFhOV3D+x3rStd2kjyNL\nLG9oWclxDkjImQXdrL8IRAQfZvcVQFZK2vSGCYfRN0LY105sxjPjeIsJ0RORzcSN\n2mlDR1UuTosk0GleDbmhv/ornfOc537UebwuHVWU5LpPNFkvY1Cv8zPrQAHewuod\nTmktkNuv2x2fgw9g7ntE88UBF9JMC+Ofs/FgJ67RkoT4R39P7VvaztHlmxmr/rIw\nTrSs7TDVqciz+DOMRKxyNPI1cpXM5ITCTvgbY4+RWwaFJzfgY+Gc+sldvVcb1x9I\nLlsI19MA0bsvi+ReOcLbWYuEHaVhVqZ7LndxR9m2gJ39L9jff+dOsSlznF4OLs+S\nt7Rz6i2mOpe6vXobkTUmml3m3zYIhL3XcdcYpw3U0F8=\n=uhgi\n-----END PGP SIGNATURE-----\n. Intel Core i3 processor, etc. are all CPU (central processing unit) products of Intel Corporation of the United States. Security vulnerabilities exist in several Intel products that use speculative execution and address translation. The following products are affected: Intel Core i3 processor; Intel Core i5 processor; Intel Core i7 processor; Intel Core M processor family; 2nd generation Intel Core processors; 3rd generation Intel Core processors; 4th generation Intel Core processors; 5th generation Intel Core processors, etc. \n\nTo fully resolve these vulnerabilities it is also necessary to install\nupdated CPU microcode (only available in Debian non-free). Common server\nclass CPUs are covered in the update released as DSA 4273-1. \n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 4.9.110-3+deb9u3. =========================================================================\nUbuntu Security Notice USN-3742-2\nAugust 14, 2018\n\nlinux-lts-trusty vulnerabilities\n=========================================================================\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 12.04 ESM\n\nSummary:\n\nSeveral security issues were fixed in the Linux kernel. This update provides the corresponding updates for the Linux\nHardware Enablement (HWE) kernel from Ubuntu 14.04 for Ubuntu\n12.04 ESM. \n\nIt was discovered that memory present in the L1 data cache of an Intel CPU\ncore may be exposed to a malicious process that is executing on the CPU\ncore. A local\nattacker in a guest virtual machine could use this to expose sensitive\ninformation (memory from other guests or the host OS). (CVE-2018-3646)\n\nIt was discovered that memory present in the L1 data cache of an Intel CPU\ncore may be exposed to a malicious process that is executing on the CPU\ncore. (CVE-2018-3620)\n\nAndrey Konovalov discovered an out-of-bounds read in the POSIX timers\nsubsystem in the Linux kernel. A local attacker could use this to cause a\ndenial of service (system crash) or expose sensitive information. A remote attacker could use this to cause a\ndenial of service. (CVE-2018-5390)\n\nJuha-Matti Tilli discovered that the IP implementation in the Linux kernel\nperformed algorithmically expensive operations in some situations when\nhandling incoming packet fragments. A remote attacker could use this to\ncause a denial of service. (CVE-2018-5391)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 12.04 ESM:\n linux-image-3.13.0-155-generic 3.13.0-155.206~precise1\n linux-image-3.13.0-155-generic-lpae 3.13.0-155.206~precise1\n linux-image-generic-lpae-lts-trusty 3.13.0.155.145\n linux-image-generic-lts-trusty 3.13.0.155.145\n\nPlease note that the recommended mitigation for CVE-2018-3646 involves\nupdating processor microcode in addition to updating the kernel;\nhowever, the kernel includes a fallback for processors that have not\nreceived microcode updates. \n\nATTENTION: Due to an unavoidable ABI change the kernel updates have\nbeen given a new version number, which requires you to recompile and\nreinstall all third party kernel modules you might have installed. \nUnless you manually uninstalled the standard kernel metapackages\n(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,\nlinux-powerpc), a standard system upgrade will automatically perform\nthis as well. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Important: kernel security and bug fix update\nAdvisory ID: RHSA-2018:2387-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2018:2387\nIssue date: 2018-08-14\nCVE Names: CVE-2018-3620 CVE-2018-3639 CVE-2018-3646\n====================================================================\n1. Summary:\n\nAn update for kernel is now available for Red Hat Enterprise Linux 7.4\nExtended Update Support. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux ComputeNode EUS (v. 7.4) - noarch, x86_64\nRed Hat Enterprise Linux ComputeNode Optional EUS (v. 7.4) - x86_64\nRed Hat Enterprise Linux Server EUS (v. 7.4) - noarch, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional EUS (v. 7.4) - ppc64, ppc64le, x86_64\n\n3. Description:\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system. \n\nSecurity Fix(es):\n\n* Modern operating systems implement virtualization of physical memory to\nefficiently use available system resources and provide inter-domain\nprotection through access control and isolation. The L1TF issue was found\nin the way the x86 microprocessor designs have implemented speculative\nexecution of instructions (a commonly used performance optimisation) in\ncombination with handling of page-faults caused by terminated virtual to\nphysical address resolving process. As a result, an unprivileged attacker\ncould use this flaw to read privileged memory of the kernel or other\nprocesses and/or cross guest/host boundaries to read host memory by\nconducting targeted cache side-channel attacks. (CVE-2018-3620,\nCVE-2018-3646)\n\n* An industry-wide issue was found in the way many modern microprocessor\ndesigns have implemented speculative execution of Load \u0026 Store instructions\n(a commonly used performance optimization). It relies on the presence of a\nprecisely-defined instruction sequence in the privileged code as well as\nthe fact that memory read from address to which a recent memory write has\noccurred may see an older value and subsequently cause an update into the\nmicroprocessor\u0027s data cache even for speculatively executed instructions\nthat never actually commit (retire). As a result, an unprivileged attacker\ncould use this flaw to read privileged memory by conducting targeted cache\nside-channel attacks. \n\nBug Fix(es):\n\n* Previously, configurations with the little-endian variant of IBM Power\nSystems CPU architectures and Hard Disk Drives (HDD) designed according to\nNonvolatile Memory Express (NVMe) open standards, experienced crashes\nduring shutdown or reboot due to race conditions of CPUs. As a consequence,\nthe sysfs pseudo file system threw a stack trace report about an attempt to\ncreate a duplicate entry in sysfs. This update modifies the source code so\nthat the irq_dispose_mapping() function is called first and the\nmsi_bitmap_free_hwirqs() function is called afterwards. As a result, the\nrace condition no longer appears in the described scenario. (BZ#1570510)\n\n* When switching from the indirect branch speculation (IBRS) feature to the\nretpolines feature, the IBRS state of some CPUs was sometimes not handled\ncorrectly. Consequently, some CPUs were left with the IBRS Model-Specific\nRegister (MSR) bit set to 1, which could lead to performance issues. With\nthis update, the underlying source code has been fixed to clear the IBRS\nMSR bits correctly, thus fixing the bug. (BZ#1586147)\n\n* During a balloon reset, page pointers were not correctly initialized\nafter unmapping the memory. Consequently, on the VMware ESXi hypervisor\nwith \"Fault Tolerance\" and \"ballooning\" enabled, the following messages\nrepeatedly occurred in the kernel log:\n\n[3014611.640148] WARNING: at mm/vmalloc.c:1491 __vunmap+0xd3/0x100()\n[3014611.640269] Trying to vfree() nonexistent vm area (ffffc90000697000)\n\nWith this update, the underlying source code has been fixed to initialize\npage pointers properly. As a result, the mm/vmalloc.c warnings no longer\noccur under the described circumstances. (BZ#1595600)\n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1566890 - CVE-2018-3639 hw: cpu: speculative store bypass\n1585005 - CVE-2018-3646 Kernel: hw: cpu: L1 terminal fault (L1TF)\n\n6. Package List:\n\nRed Hat Enterprise Linux ComputeNode EUS (v. 7.4):\n\nSource:\nkernel-3.10.0-693.37.4.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-693.37.4.el7.noarch.rpm\nkernel-doc-3.10.0-693.37.4.el7.noarch.rpm\n\nx86_64:\nkernel-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-debug-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-devel-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-headers-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-tools-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-693.37.4.el7.x86_64.rpm\nperf-3.10.0-693.37.4.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\npython-perf-3.10.0-693.37.4.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional EUS (v. 7.4):\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-693.37.4.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server EUS (v. 7.4):\n\nSource:\nkernel-3.10.0-693.37.4.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-693.37.4.el7.noarch.rpm\nkernel-doc-3.10.0-693.37.4.el7.noarch.rpm\n\nppc64:\nkernel-3.10.0-693.37.4.el7.ppc64.rpm\nkernel-bootwrapper-3.10.0-693.37.4.el7.ppc64.rpm\nkernel-debug-3.10.0-693.37.4.el7.ppc64.rpm\nkernel-debug-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm\nkernel-debug-devel-3.10.0-693.37.4.el7.ppc64.rpm\nkernel-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm\nkernel-debuginfo-common-ppc64-3.10.0-693.37.4.el7.ppc64.rpm\nkernel-devel-3.10.0-693.37.4.el7.ppc64.rpm\nkernel-headers-3.10.0-693.37.4.el7.ppc64.rpm\nkernel-tools-3.10.0-693.37.4.el7.ppc64.rpm\nkernel-tools-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm\nkernel-tools-libs-3.10.0-693.37.4.el7.ppc64.rpm\nperf-3.10.0-693.37.4.el7.ppc64.rpm\nperf-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm\npython-perf-3.10.0-693.37.4.el7.ppc64.rpm\npython-perf-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm\n\nppc64le:\nkernel-3.10.0-693.37.4.el7.ppc64le.rpm\nkernel-bootwrapper-3.10.0-693.37.4.el7.ppc64le.rpm\nkernel-debug-3.10.0-693.37.4.el7.ppc64le.rpm\nkernel-debug-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm\nkernel-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-3.10.0-693.37.4.el7.ppc64le.rpm\nkernel-devel-3.10.0-693.37.4.el7.ppc64le.rpm\nkernel-headers-3.10.0-693.37.4.el7.ppc64le.rpm\nkernel-tools-3.10.0-693.37.4.el7.ppc64le.rpm\nkernel-tools-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm\nkernel-tools-libs-3.10.0-693.37.4.el7.ppc64le.rpm\nperf-3.10.0-693.37.4.el7.ppc64le.rpm\nperf-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm\npython-perf-3.10.0-693.37.4.el7.ppc64le.rpm\npython-perf-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm\n\ns390x:\nkernel-3.10.0-693.37.4.el7.s390x.rpm\nkernel-debug-3.10.0-693.37.4.el7.s390x.rpm\nkernel-debug-debuginfo-3.10.0-693.37.4.el7.s390x.rpm\nkernel-debug-devel-3.10.0-693.37.4.el7.s390x.rpm\nkernel-debuginfo-3.10.0-693.37.4.el7.s390x.rpm\nkernel-debuginfo-common-s390x-3.10.0-693.37.4.el7.s390x.rpm\nkernel-devel-3.10.0-693.37.4.el7.s390x.rpm\nkernel-headers-3.10.0-693.37.4.el7.s390x.rpm\nkernel-kdump-3.10.0-693.37.4.el7.s390x.rpm\nkernel-kdump-debuginfo-3.10.0-693.37.4.el7.s390x.rpm\nkernel-kdump-devel-3.10.0-693.37.4.el7.s390x.rpm\nperf-3.10.0-693.37.4.el7.s390x.rpm\nperf-debuginfo-3.10.0-693.37.4.el7.s390x.rpm\npython-perf-3.10.0-693.37.4.el7.s390x.rpm\npython-perf-debuginfo-3.10.0-693.37.4.el7.s390x.rpm\n\nx86_64:\nkernel-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-debug-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-devel-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-headers-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-tools-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-693.37.4.el7.x86_64.rpm\nperf-3.10.0-693.37.4.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\npython-perf-3.10.0-693.37.4.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional EUS (v. 7.4):\n\nppc64:\nkernel-debug-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm\nkernel-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm\nkernel-debuginfo-common-ppc64-3.10.0-693.37.4.el7.ppc64.rpm\nkernel-tools-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm\nkernel-tools-libs-devel-3.10.0-693.37.4.el7.ppc64.rpm\nperf-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm\npython-perf-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm\n\nppc64le:\nkernel-debug-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm\nkernel-debug-devel-3.10.0-693.37.4.el7.ppc64le.rpm\nkernel-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-3.10.0-693.37.4.el7.ppc64le.rpm\nkernel-tools-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm\nkernel-tools-libs-devel-3.10.0-693.37.4.el7.ppc64le.rpm\nperf-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm\npython-perf-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-693.37.4.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2018-3620\nhttps://access.redhat.com/security/cve/CVE-2018-3639\nhttps://access.redhat.com/security/cve/CVE-2018-3646\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/security/vulnerabilities/L1TF\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2018 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBW3M4idzjgjWX9erEAQigJg//W8NS9ZAq71IYQ/6q5hTZBUeg3RsIJL4U\nOOCTlpLe3pH45ueU4Pm1HPopyyBHLGo988ZXPkH4z/jKW6txO3RDzf/blyWIwxwi\ndr76FUaMMLUk0ASeGcisZppOt/6zwrp2tfn+TyiC3pK0K5nTp+WVO5xYy5iecXVX\n96M3wIhCIlshYPc1/F8zdYuBFzpYgBnotag//FjyCQlhmOFcKtTRgyQrSuf1ZxnL\nVNQ7UuVGjPWeF0w0OJrb6U7+pVrlwAvtwYkUjm/eFh/AszTe7uZ6C6mG8XAobDrl\nSpxhyqMTcplrKxvl0S01xuezVbVo8RdoAtrW9+xseozknta4cu7RHe0ZSsonY/xN\nRiAingIwsVde+g9KOv8jeleACBZu8mmJptkYbVb1IHPcp+1FzXXAkUc1i/oc7XBU\nlIfe49O3L2GyhI+0hUwhbPuc51L8yHmpr39KM1irKIRWsY692n32LVns3L6Kr0tW\niWlhz4F2e5SNb2zlu3sMRQ4M0kf6JPX8VdRL1qMpfNoa9Ci4wYt+zP29//F6swji\nuwu3+SVH5VTW9VzymSCaQl/gD0loWPKVLFrTF5M9Y9+cl0uXn7CoW2LUNB86PhRz\nmMG+g2ZW9WbKcW/ERHofeii5WZGtsyA4FnUaWhzetfQIItEpmoobE9QVl0ar5GJ2\ndsE8Ald7hA4=scjp\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. 6.4) - x86_64\n\n3. (CVE-2018-3639)\n\n* kernel: kvm: vmx: host GDT limit corruption (CVE-2018-10901)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, and other related information, refer to the CVE page(s) listed in\nthe References section. Unfortunately, the update introduced regressions\nthat caused kernel panics when booting in some environments as well\nas preventing Java applications from starting. This update fixes\nthe problems. \n\nWe apologize for the inconvenience. Description:\n\nThe kernel-rt packages provide the Real Time Linux Kernel, which enables\nfine-tuning for systems with extremely high determinism requirements. \n\nBug Fix(es):\n\n* The kernel-rt packages have been upgraded to the 3.10.0-693.37.1 source\ntree, which provides a number of bug fixes over the previous version. \n(BZ#1599860)\n\n4",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3646"
},
{
"db": "CERT/CC",
"id": "VU#982149"
},
{
"db": "VULMON",
"id": "CVE-2018-3646"
},
{
"db": "PACKETSTORM",
"id": "148915"
},
{
"db": "PACKETSTORM",
"id": "148908"
},
{
"db": "PACKETSTORM",
"id": "148912"
},
{
"db": "PACKETSTORM",
"id": "148952"
},
{
"db": "PACKETSTORM",
"id": "150108"
},
{
"db": "VULHUB",
"id": "VHN-133677"
},
{
"db": "PACKETSTORM",
"id": "149010"
},
{
"db": "PACKETSTORM",
"id": "148914"
},
{
"db": "PACKETSTORM",
"id": "148917"
},
{
"db": "PACKETSTORM",
"id": "148902"
},
{
"db": "PACKETSTORM",
"id": "148905"
},
{
"db": "PACKETSTORM",
"id": "148991"
},
{
"db": "PACKETSTORM",
"id": "148906"
},
{
"db": "PACKETSTORM",
"id": "148903"
}
],
"trust": 2.97
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2018-3646",
"trust": 2.5
},
{
"db": "CERT/CC",
"id": "VU#982149",
"trust": 2.0
},
{
"db": "SIEMENS",
"id": "SSA-608355",
"trust": 1.2
},
{
"db": "SIEMENS",
"id": "SSA-254686",
"trust": 1.2
},
{
"db": "SECTRACK",
"id": "1041451",
"trust": 1.2
},
{
"db": "SECTRACK",
"id": "1042004",
"trust": 1.2
},
{
"db": "BID",
"id": "105080",
"trust": 1.2
},
{
"db": "LENOVO",
"id": "LEN-24163",
"trust": 1.2
},
{
"db": "PACKETSTORM",
"id": "148991",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "148896",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-133677",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-3646",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148915",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148908",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148912",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148952",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "150108",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148903",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "149010",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148914",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148917",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148902",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148905",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148906",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#982149"
},
{
"db": "VULHUB",
"id": "VHN-133677"
},
{
"db": "VULMON",
"id": "CVE-2018-3646"
},
{
"db": "PACKETSTORM",
"id": "148915"
},
{
"db": "PACKETSTORM",
"id": "148908"
},
{
"db": "PACKETSTORM",
"id": "148912"
},
{
"db": "PACKETSTORM",
"id": "148952"
},
{
"db": "PACKETSTORM",
"id": "150108"
},
{
"db": "PACKETSTORM",
"id": "148903"
},
{
"db": "PACKETSTORM",
"id": "149010"
},
{
"db": "PACKETSTORM",
"id": "148914"
},
{
"db": "PACKETSTORM",
"id": "148917"
},
{
"db": "PACKETSTORM",
"id": "148902"
},
{
"db": "PACKETSTORM",
"id": "148905"
},
{
"db": "PACKETSTORM",
"id": "148991"
},
{
"db": "PACKETSTORM",
"id": "148906"
},
{
"db": "NVD",
"id": "CVE-2018-3646"
}
]
},
"id": "VAR-201808-0957",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-133677"
}
],
"trust": 0.01
},
"last_update_date": "2026-03-09T20:08:15.928000Z",
"patch": {
"_id": null,
"data": [
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2018/08/15/foreshadow_sgx_software_attestations_collateral_damage/"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2018/08/14/intel_l1_terminal_fault_bugs/"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182387 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182388 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182389 - Security Advisory"
},
{
"title": "Red Hat: Important: rhev-hypervisor7 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182404 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182391 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182603 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182602 - Security Advisory"
},
{
"title": "Red Hat: Important: rhvm-appliance security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182402 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182392 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel-rt security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182396 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182393 - Security Advisory"
},
{
"title": "Red Hat: Important: redhat-virtualization-host security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182403 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182394 - Security Advisory"
},
{
"title": "Debian Security Advisories: DSA-4274-1 xen -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=2129055bb51ebf11b86d56acef7f5da1"
},
{
"title": "Debian Security Advisories: DSA-4279-1 linux -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=dac4eea76febd76490afc049b9aa11cb"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182384 - Security Advisory"
},
{
"title": "Ubuntu Security Notice: linux vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3823-1"
},
{
"title": "Red Hat: Important: kernel-rt security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182395 - Security Advisory"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=CVE-2018-3646"
},
{
"title": "Red Hat: CVE-2018-3646",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2018-3646"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182390 - Security Advisory"
},
{
"title": "Ubuntu Security Notice: linux, linux-aws, linux-azure, linux-gcp, linux-kvm, linux-oem, linux-raspi2 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3740-1"
},
{
"title": "Ubuntu Security Notice: linux-hwe, linux-azure, linux-gcp vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3740-2"
},
{
"title": "Ubuntu Security Notice: intel-microcode vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3756-1"
},
{
"title": "Ubuntu Security Notice: linux regressions",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3741-3"
},
{
"title": "Ubuntu Security Notice: linux-lts-xenial, linux-aws vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3741-2"
},
{
"title": "Ubuntu Security Notice: linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3741-1"
},
{
"title": "Amazon Linux AMI: ALAS-2018-1058",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2018-1058"
},
{
"title": "Ubuntu Security Notice: linux-lts-trusty vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3742-2"
},
{
"title": "Ubuntu Security Notice: linux vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3742-1"
},
{
"title": "Ubuntu Security Notice: linux-lts-trusty regressions",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3742-3"
},
{
"title": "Amazon Linux 2: ALAS2-2018-1058",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=ALAS2-2018-1058"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=831545c255e00dbde24c93b2cf2135d6"
},
{
"title": "IBM: IBM Security Bulletin: Multiple Foreshadow Spectre Variant vulnerabilities affect IBM OS Image for Red Hat Linux Systems in IBM PureApplication System (CVE-2018-3615 CVE-2018-3620 CVE-2018-3646)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=f295531b3aa99d37dbc53693639947d9"
},
{
"title": "HP: HPSBHF03590 rev. 2 - L1 Terminal Fault (L1TF)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=HPSBHF03590"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBHF03590 rev. 2 - L1 Terminal Fault (L1TF)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=ba953f0879f87a755234bc0818c99c6d"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBHF03590 rev. 2 - L1 Terminal Fault (L1TF)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=deca5f6210b098f58ce384c28747b82c"
},
{
"title": "Huawei Security Advisories: Security Advisory - CPU Side Channel Vulnerability \"L1TF\"",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=huawei_security_advisories\u0026qid=28eb43a14c12e8c070afa60d55f86b55"
},
{
"title": "Cisco: CPU Side-Channel Information Disclosure Vulnerabilities: August 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20180814-cpusidechannel"
},
{
"title": "Forcepoint Security Advisories: Meltdown and Spectre Vulnerability CVE-2017-5715, CVE-2017-5753, CVE-2017-5754, CVE-2018-3640, CVE-2018-3639, CVE-2018-3615, CVE-2018-3620, CVE-2018-3646",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=forcepoint_security_advisories\u0026qid=459877525c31ac6029f4be4a6ea97e17"
},
{
"title": "Citrix Security Bulletins: XenServer Multiple Security Updates",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=89d06253986d1cdae0f8d9ffbff97d18"
},
{
"title": "IBM: Potential Impact on Processors in the POWER Family",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=cf9e1e42799edbda36ec7415288ad7f0"
},
{
"title": "IBM: IBM Security Bulletin: IBM Security Guardium is affected by Red Hat kernel vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=75b9d198a73a91d81765c8b428423224"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=621cdbb127d953e0d9d06eff7dd10106"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - July 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=204a1aa9ebf7b5f47151e8b011269862"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2019",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=f655264a6935505d167bbf45f409a57b"
},
{
"title": "Palo Alto Networks Security Advisory: PAN-SA-2018-0011 Information about L1 Terminal Fault findings",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=palo_alto_networks_security_advisory\u0026qid=74b853f8cd89b12964ff841924244a71"
},
{
"title": "Fortinet Security Advisories: Meltdown and Spectre class vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=fortinet_security_advisories\u0026qid=FG-IR-18-002"
},
{
"title": "Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - July 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins\u0026qid=05b5bbd6fb289370b459faf1f4e3919d"
},
{
"title": "IBM: IBM Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to multiple security vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=55ea315dfb69fce8383762ac64250315"
},
{
"title": "IBM: IBM Security Bulletin: IBM API Connect has addressed multiple vulnerabilities in Developer Portal\u2019s dependencies \u2013 Cumulative list from June 28, 2018 to December 13, 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=43da2cd72c1e378d8d94ecec029fcc61"
},
{
"title": "vmware-esxi-67",
"trust": 0.1,
"url": "https://github.com/casagency/vmware-esxi-67 "
},
{
"title": "711552870_s",
"trust": 0.1,
"url": "https://github.com/Qwhqfmmx/711552870_s "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/teusink/Home-Security-by-OS-Hardening "
},
{
"title": "Network_research_report",
"trust": 0.1,
"url": "https://github.com/dongminkim0220/Network_research_report "
},
{
"title": "Home-Security-by-W10-Hardening",
"trust": 0.1,
"url": "https://github.com/teusink/Home-Security-by-W10-Hardening "
},
{
"title": "l1tf-poc",
"trust": 0.1,
"url": "https://github.com/gregvish/l1tf-poc "
},
{
"title": "arch_linux_installation_guide",
"trust": 0.1,
"url": "https://github.com/kyberdrb/arch_linux_installation_guide "
},
{
"title": "711552870_s",
"trust": 0.1,
"url": "https://github.com/yoobao55/711552870_s "
},
{
"title": "l1tf-demo",
"trust": 0.1,
"url": "https://github.com/blitz/l1tf-demo "
},
{
"title": "lx-port-data",
"trust": 0.1,
"url": "https://github.com/omniosorg/lx-port-data "
},
{
"title": "win10-regtweak",
"trust": 0.1,
"url": "https://github.com/interlunar/win10-regtweak "
},
{
"title": "cpu-report",
"trust": 0.1,
"url": "https://github.com/rosenbergj/cpu-report "
},
{
"title": "specter---meltdown--checker",
"trust": 0.1,
"url": "https://github.com/vurtne/specter---meltdown--checker "
},
{
"title": "TEApot",
"trust": 0.1,
"url": "https://github.com/github-3rr0r/TEApot "
},
{
"title": "TEApot",
"trust": 0.1,
"url": "https://github.com/Mashiro1995/TEApot "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/kali973/spectre-meltdown-checker "
},
{
"title": "puppet-meltdown",
"trust": 0.1,
"url": "https://github.com/timidri/puppet-meltdown "
},
{
"title": "cSpeculationControlFixes",
"trust": 0.1,
"url": "https://github.com/poshsecurity/cSpeculationControlFixes "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/es0j/hyperbleed "
},
{
"title": "Linux-Tools",
"trust": 0.1,
"url": "https://github.com/minutesinch/Linux-Tools "
},
{
"title": "spectre-meltdown",
"trust": 0.1,
"url": "https://github.com/edsonjt81/spectre-meltdown "
},
{
"title": "spectre-meltdown-checker",
"trust": 0.1,
"url": "https://github.com/speed47/spectre-meltdown-checker "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/merlinepedra25/spectre-meltdown-checker "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/merlinepedra/spectre-meltdown-checker "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/kin-cho/my-spectre-meltdown-checker "
},
{
"title": "Hardware-and-Firmware-Security-Guidance",
"trust": 0.1,
"url": "https://github.com/nsacyber/Hardware-and-Firmware-Security-Guidance "
},
{
"title": "Firmware-Security",
"trust": 0.1,
"url": "https://github.com/virusbeeE/Firmware-Security "
},
{
"title": "hardware-attacks-state-of-the-art",
"trust": 0.1,
"url": "https://github.com/codexlynx/hardware-attacks-state-of-the-art "
},
{
"title": "BleepingComputer",
"trust": 0.1,
"url": "https://www.bleepingcomputer.com/news/security/microsoft-rolls-out-new-intel-microcode-for-windows-10-server-2016/"
},
{
"title": "BleepingComputer",
"trust": 0.1,
"url": "https://www.bleepingcomputer.com/news/security/researchers-disclose-new-foreshadow-l1tf-vulnerabilities-affecting-intel-cpus/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-3646"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-200",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-133677"
},
{
"db": "NVD",
"id": "CVE-2018-3646"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html"
},
{
"trust": 2.0,
"url": "https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault"
},
{
"trust": 2.0,
"url": "https://foreshadowattack.eu/"
},
{
"trust": 1.4,
"url": "https://access.redhat.com/errata/rhsa-2018:2387"
},
{
"trust": 1.3,
"url": "https://www.kb.cert.org/vuls/id/982149"
},
{
"trust": 1.3,
"url": "https://access.redhat.com/errata/rhsa-2018:2389"
},
{
"trust": 1.3,
"url": "https://access.redhat.com/errata/rhsa-2018:2393"
},
{
"trust": 1.3,
"url": "https://access.redhat.com/errata/rhsa-2018:2394"
},
{
"trust": 1.3,
"url": "https://access.redhat.com/errata/rhsa-2018:2396"
},
{
"trust": 1.3,
"url": "https://access.redhat.com/errata/rhsa-2018:2402"
},
{
"trust": 1.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-3646"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/105080"
},
{
"trust": 1.2,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180814-cpusidechannel"
},
{
"trust": 1.2,
"url": "http://support.lenovo.com/us/en/solutions/len-24163"
},
{
"trust": 1.2,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en"
},
{
"trust": 1.2,
"url": "http://www.vmware.com/security/advisories/vmsa-2018-0020.html"
},
{
"trust": 1.2,
"url": "http://xenbits.xen.org/xsa/advisory-273.html"
},
{
"trust": 1.2,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf"
},
{
"trust": 1.2,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
},
{
"trust": 1.2,
"url": "https://help.ecostruxureit.com/display/public/uadce725/security+fixes+in+struxureware+data+center+expert+v7.6.0"
},
{
"trust": 1.2,
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/adv180018"
},
{
"trust": 1.2,
"url": "https://psirt.global.sonicwall.com/vuln-detail/snwlid-2018-0010"
},
{
"trust": 1.2,
"url": "https://security.netapp.com/advisory/ntap-20180815-0001/"
},
{
"trust": 1.2,
"url": "https://support.f5.com/csp/article/k31300402"
},
{
"trust": 1.2,
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"trust": 1.2,
"url": "https://www.synology.com/support/security/synology_sa_18_45"
},
{
"trust": 1.2,
"url": "https://www.debian.org/security/2018/dsa-4274"
},
{
"trust": 1.2,
"url": "https://www.debian.org/security/2018/dsa-4279"
},
{
"trust": 1.2,
"url": "https://security.freebsd.org/advisories/freebsd-sa-18:09.l1tf.asc"
},
{
"trust": 1.2,
"url": "https://security.gentoo.org/glsa/201810-06"
},
{
"trust": 1.2,
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"trust": 1.2,
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"trust": 1.2,
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00029.html"
},
{
"trust": 1.2,
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:2384"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:2388"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:2390"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:2391"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:2392"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:2395"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:2403"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:2404"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:2602"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:2603"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id/1041451"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id/1042004"
},
{
"trust": 1.2,
"url": "https://usn.ubuntu.com/3740-1/"
},
{
"trust": 1.2,
"url": "https://usn.ubuntu.com/3740-2/"
},
{
"trust": 1.2,
"url": "https://usn.ubuntu.com/3741-1/"
},
{
"trust": 1.2,
"url": "https://usn.ubuntu.com/3741-2/"
},
{
"trust": 1.2,
"url": "https://usn.ubuntu.com/3742-1/"
},
{
"trust": 1.2,
"url": "https://usn.ubuntu.com/3742-2/"
},
{
"trust": 1.2,
"url": "https://usn.ubuntu.com/3756-1/"
},
{
"trust": 1.2,
"url": "https://usn.ubuntu.com/3823-1/"
},
{
"trust": 1.1,
"url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03874en_us"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/xrfkqwyv2h4bv75cungcge5tnvqclbgz/"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/v4uwgorqwcencif2bhwuef2odbv75qs2/"
},
{
"trust": 1.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-3620"
},
{
"trust": 0.8,
"url": "https://www.usenix.org/conference/usenixsecurity18/presentation/bulck"
},
{
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/architecture-and-technology/l1tf.html"
},
{
"trust": 0.8,
"url": "https://www.intel.com/content/dam/www/public/us/en/documents/sa00115-microcode-update-guidance.pdf"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/vulnerabilities/l1tf"
},
{
"trust": 0.6,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2018-3646"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2018-3620"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.4,
"url": "https://wiki.ubuntu.com/securityteam/knowledgebase/l1tf"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5391"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5390"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-3639"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2018-3639"
},
{
"trust": 0.2,
"url": "https://usn.ubuntu.com/usn/usn-3742-1"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-18344"
},
{
"trust": 0.2,
"url": "https://usn.ubuntu.com/usn/usn-3741-1"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-10901"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2018-10901"
},
{
"trust": 0.1,
"url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026amp;docid=emr_na-hpesbhf03874en_us"
},
{
"trust": 0.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/xrfkqwyv2h4bv75cungcge5tnvqclbgz/"
},
{
"trust": 0.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/v4uwgorqwcencif2bhwuef2odbv75qs2/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://github.com/casagency/vmware-esxi-67"
},
{
"trust": 0.1,
"url": "https://github.com/teusink/home-security-by-w10-hardening"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux/3.13.0-155.205"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-kvm/4.15.0-1019.19"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-azure/4.15.0-1021.21"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-aws/4.15.0-1019.19"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-gcp/4.15.0-1017.18"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-oem/4.15.0-1015.18"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-raspi2/4.15.0-1020.22"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux/4.15.0-32.35"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/usn/usn-3740-1"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/2974891"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-5390"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-12618"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-14064"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht201222"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4203"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-10784"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4334"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4288"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4308"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4326"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-17405"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-3640"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4153"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4291"
},
{
"trust": 0.1,
"url": "https://support.apple.com/downloads/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4340"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4304"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4286"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4126"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-14033"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4331"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4310"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4259"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4295"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4242"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-17742"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-12613"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4287"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/linux"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux/4.4.0-133.159"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-raspi2/4.4.0-1094.102"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-snapdragon/4.4.0-1098.103"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-aws/4.4.0-1065.75"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-kvm/4.4.0-1031.37"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/usn/usn-3742-2"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/vulnerabilities/ssbd"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux/3.13.0-156.206"
},
{
"trust": 0.1,
"url": "https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1787258"
},
{
"trust": 0.1,
"url": "https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1787127,"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/usn/usn-3741-3"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#982149"
},
{
"db": "VULHUB",
"id": "VHN-133677"
},
{
"db": "VULMON",
"id": "CVE-2018-3646"
},
{
"db": "PACKETSTORM",
"id": "148915"
},
{
"db": "PACKETSTORM",
"id": "148908"
},
{
"db": "PACKETSTORM",
"id": "148912"
},
{
"db": "PACKETSTORM",
"id": "148952"
},
{
"db": "PACKETSTORM",
"id": "150108"
},
{
"db": "PACKETSTORM",
"id": "148903"
},
{
"db": "PACKETSTORM",
"id": "149010"
},
{
"db": "PACKETSTORM",
"id": "148914"
},
{
"db": "PACKETSTORM",
"id": "148917"
},
{
"db": "PACKETSTORM",
"id": "148902"
},
{
"db": "PACKETSTORM",
"id": "148905"
},
{
"db": "PACKETSTORM",
"id": "148991"
},
{
"db": "PACKETSTORM",
"id": "148906"
},
{
"db": "NVD",
"id": "CVE-2018-3646"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "CERT/CC",
"id": "VU#982149",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-133677",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2018-3646",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "148915",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "148908",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "148912",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "148952",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "150108",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "148903",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "149010",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "148914",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "148917",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "148902",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "148905",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "148991",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "148906",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2018-3646",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2018-08-15T00:00:00",
"db": "CERT/CC",
"id": "VU#982149",
"ident": null
},
{
"date": "2018-08-14T00:00:00",
"db": "VULHUB",
"id": "VHN-133677",
"ident": null
},
{
"date": "2018-08-14T00:00:00",
"db": "VULMON",
"id": "CVE-2018-3646",
"ident": null
},
{
"date": "2018-08-15T04:42:52",
"db": "PACKETSTORM",
"id": "148915",
"ident": null
},
{
"date": "2018-08-15T04:40:53",
"db": "PACKETSTORM",
"id": "148908",
"ident": null
},
{
"date": "2018-08-15T04:42:35",
"db": "PACKETSTORM",
"id": "148912",
"ident": null
},
{
"date": "2018-08-16T14:16:41",
"db": "PACKETSTORM",
"id": "148952",
"ident": null
},
{
"date": "2018-10-31T15:50:04",
"db": "PACKETSTORM",
"id": "150108",
"ident": null
},
{
"date": "2018-08-15T04:39:03",
"db": "PACKETSTORM",
"id": "148903",
"ident": null
},
{
"date": "2018-08-20T17:06:29",
"db": "PACKETSTORM",
"id": "149010",
"ident": null
},
{
"date": "2018-08-15T04:42:46",
"db": "PACKETSTORM",
"id": "148914",
"ident": null
},
{
"date": "2018-08-15T04:43:02",
"db": "PACKETSTORM",
"id": "148917",
"ident": null
},
{
"date": "2018-08-15T04:38:57",
"db": "PACKETSTORM",
"id": "148902",
"ident": null
},
{
"date": "2018-08-15T04:39:57",
"db": "PACKETSTORM",
"id": "148905",
"ident": null
},
{
"date": "2018-08-18T20:21:00",
"db": "PACKETSTORM",
"id": "148991",
"ident": null
},
{
"date": "2018-08-15T04:40:04",
"db": "PACKETSTORM",
"id": "148906",
"ident": null
},
{
"date": "2018-08-14T19:29:00.920000",
"db": "NVD",
"id": "CVE-2018-3646",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2018-09-10T00:00:00",
"db": "CERT/CC",
"id": "VU#982149",
"ident": null
},
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-133677",
"ident": null
},
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2018-3646",
"ident": null
},
{
"date": "2024-11-21T04:05:50.020000",
"db": "NVD",
"id": "CVE-2018-3646",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "local",
"sources": [
{
"db": "PACKETSTORM",
"id": "148915"
},
{
"db": "PACKETSTORM",
"id": "148912"
},
{
"db": "PACKETSTORM",
"id": "148914"
},
{
"db": "PACKETSTORM",
"id": "148917"
}
],
"trust": 0.4
},
"title": {
"_id": null,
"data": "Intel processors are vulnerable to a speculative execution side-channel attack called L1 Terminal Fault (L1TF)",
"sources": [
{
"db": "CERT/CC",
"id": "VU#982149"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "bypass",
"sources": [
{
"db": "PACKETSTORM",
"id": "148903"
},
{
"db": "PACKETSTORM",
"id": "148902"
},
{
"db": "PACKETSTORM",
"id": "148905"
}
],
"trust": 0.3
}
}
WID-SEC-W-2025-1212
Vulnerability from csaf_certbund - Published: 2019-04-16 22:00 - Updated: 2025-06-02 22:00Summary
Oracle Communications Applications: Mehrere Schwachstellen
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Mit der Unified Communications Suite bietet Oracle eine Messaging- und Collaboration-Plattform an.
Oracle Communications Policy Management ist ein Produkt von Oracle und vereint mehrere Bereiche der Kommunikation.
Oracle Communications Unified Inventory Management (UIM) ist eine offene, standardbasierte Anwendung, die eine Bestandsaufnahme von Kommunikationsdiensten und -ressourcen ermöglicht.
Angriff: Ein Angreifer kann mehrere Schwachstellen in Oracle Communications Applications ausnutzen, um dadurch die Integrität, Vertraulichkeit und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme: - Linux
- UNIX
- Windows
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Communications Policy Management 12.2
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.2
|
12.2 | |
|
Oracle Communications Unified Inventory Management 7.4.0
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.4.0
|
7.4.0 | |
|
Oracle Communications LSMS 13.3
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.3
|
13.3 | |
|
Oracle Communications Unified Inventory Management 7.3.4
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.4
|
7.3.4 | |
|
Oracle Communications LSMS 13.1
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.1
|
13.1 | |
|
Oracle Communications Messaging Server 8.1
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.1
|
8.1 | |
|
Oracle Communications EAGLE LNP Application Processor 10.2
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2
|
10.2 | |
|
Oracle Communications Unified Inventory Management 7.3.5
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.5
|
7.3.5 | |
|
Oracle Communications LSMS 13.2
Oracle / Communications LSMS
|
cpe:/a:oracle:communications_lsms:13.2
|
13.2 | |
|
Oracle Communications Unified Inventory Management 7.3.2
oracle / communications_unified_inventory_management
|
cpe:/a:oracle:communications_unified_inventory_management:7.3.2
|
7.3.2 | |
|
Oracle Communications EAGLE LNP Application Processor 10.0
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0
|
10 | |
|
Oracle Communications Session Border Controller 8.1.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.1.0
|
8.1.0 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 | |
|
Oracle Communications EAGLE LNP Application Processor 10.1
Oracle / Communications EAGLE LNP Application Processor
|
cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1
|
10.1 | |
|
Oracle Communications Session Border Controller 8.0.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.0.0
|
8.0.0 | |
|
Oracle Communications Policy Management 12.4
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.4
|
12.4 | |
|
Oracle Communications Session Border Controller 8.2.0
Oracle / Communications Session Border Controller
|
cpe:/a:oracle:communications_session_border_controller:8.2.0
|
8.2.0 | |
|
Oracle Communications Policy Management 12.1
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.1
|
12.1 | |
|
Oracle Communications Policy Management 12.3
Oracle / Communications Policy Management
|
cpe:/a:oracle:communications_policy_management:12.3
|
12.3 | |
|
Oracle Enterprise Communications Broker 3.1.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.1.0
|
3.1.0 | |
|
Oracle Communications Messaging Server 8.0
Oracle / Communications Messaging Server
|
cpe:/a:oracle:communications_messaging_server:8.0
|
8 | |
|
Oracle Enterprise Communications Broker 3.0.0
Oracle / Enterprise Communications Broker
|
cpe:/a:oracle:enterprise_communications_broker:3.0.0
|
3.0.0 | |
|
Oracle Communications Service Broker 6.0
Oracle / Communications Service Broker
|
cpe:/a:oracle:communications_service_broker:6.0
|
6 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
References
5 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Mit der Unified Communications Suite bietet Oracle eine Messaging- und Collaboration-Plattform an.\r\nOracle Communications Policy Management ist ein Produkt von Oracle und vereint mehrere Bereiche der Kommunikation.\r\nOracle Communications Unified Inventory Management (UIM) ist eine offene, standardbasierte Anwendung, die eine Bestandsaufnahme von Kommunikationsdiensten und -ressourcen erm\u00f6glicht.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Oracle Communications Applications ausnutzen, um dadurch die Integrit\u00e4t, Vertraulichkeit und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-1212 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2019/wid-sec-w-2025-1212.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-1212 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1212"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - April 2019 vom 2019-04-16",
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixCGBU"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-4218-1 vom 2019-12-11",
"url": "https://usn.ubuntu.com/4218-1/"
},
{
"category": "external",
"summary": "XEROX Security Advisory XRX25-012 vom 2025-06-02",
"url": "https://security.business.xerox.com/wp-content/uploads/2025/06/Xerox-Security-Bulletin-XRX25-012-for-Xerox-FreeFlow-Print-Server-v9.pdf"
}
],
"source_lang": "en-US",
"title": "Oracle Communications Applications: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-06-02T22:00:00.000+00:00",
"generator": {
"date": "2025-06-03T09:23:36.426+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.12"
}
},
"id": "WID-SEC-W-2025-1212",
"initial_release_date": "2019-04-16T22:00:00.000+00:00",
"revision_history": [
{
"date": "2019-04-16T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2019-04-17T22:00:00.000+00:00",
"number": "2",
"summary": "Schreibfehler korrigiert"
},
{
"date": "2019-12-10T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-06-02T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von XEROX aufgenommen"
}
],
"status": "final",
"version": "4"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "10",
"product": {
"name": "Oracle Communications EAGLE LNP Application Processor 10.0",
"product_id": "T014014",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0"
}
}
},
{
"category": "product_version",
"name": "10.1",
"product": {
"name": "Oracle Communications EAGLE LNP Application Processor 10.1",
"product_id": "T014015",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_eagle_lnp_application_processor:10.1"
}
}
},
{
"category": "product_version",
"name": "10.2",
"product": {
"name": "Oracle Communications EAGLE LNP Application Processor 10.2",
"product_id": "T014016",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_eagle_lnp_application_processor:10.2"
}
}
}
],
"category": "product_name",
"name": "Communications EAGLE LNP Application Processor"
},
{
"branches": [
{
"category": "product_version",
"name": "13.1",
"product": {
"name": "Oracle Communications LSMS 13.1",
"product_id": "T006217",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_lsms:13.1"
}
}
},
{
"category": "product_version",
"name": "13.2",
"product": {
"name": "Oracle Communications LSMS 13.2",
"product_id": "T014017",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_lsms:13.2"
}
}
},
{
"category": "product_version",
"name": "13.3",
"product": {
"name": "Oracle Communications LSMS 13.3",
"product_id": "T014018",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_lsms:13.3"
}
}
}
],
"category": "product_name",
"name": "Communications LSMS"
},
{
"branches": [
{
"category": "product_version",
"name": "8.1",
"product": {
"name": "Oracle Communications Messaging Server 8.1",
"product_id": "T014019",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_messaging_server:8.1"
}
}
},
{
"category": "product_version",
"name": "8",
"product": {
"name": "Oracle Communications Messaging Server 8.0",
"product_id": "T014020",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_messaging_server:8.0"
}
}
}
],
"category": "product_name",
"name": "Communications Messaging Server"
},
{
"branches": [
{
"category": "product_version",
"name": "12.2",
"product": {
"name": "Oracle Communications Policy Management 12.2",
"product_id": "T009732",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_policy_management:12.2"
}
}
},
{
"category": "product_version",
"name": "12.1",
"product": {
"name": "Oracle Communications Policy Management 12.1",
"product_id": "T014021",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_policy_management:12.1"
}
}
},
{
"category": "product_version",
"name": "12.3",
"product": {
"name": "Oracle Communications Policy Management 12.3",
"product_id": "T014022",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_policy_management:12.3"
}
}
},
{
"category": "product_version",
"name": "12.4",
"product": {
"name": "Oracle Communications Policy Management 12.4",
"product_id": "T014023",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_policy_management:12.4"
}
}
}
],
"category": "product_name",
"name": "Communications Policy Management"
},
{
"branches": [
{
"category": "product_version",
"name": "6",
"product": {
"name": "Oracle Communications Service Broker 6.0",
"product_id": "329193",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_service_broker:6.0"
}
}
}
],
"category": "product_name",
"name": "Communications Service Broker"
},
{
"branches": [
{
"category": "product_version",
"name": "8.2.0",
"product": {
"name": "Oracle Communications Session Border Controller 8.2.0",
"product_id": "T014024",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_session_border_controller:8.2.0"
}
}
},
{
"category": "product_version",
"name": "8.1.0",
"product": {
"name": "Oracle Communications Session Border Controller 8.1.0",
"product_id": "T014025",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_session_border_controller:8.1.0"
}
}
},
{
"category": "product_version",
"name": "8.0.0",
"product": {
"name": "Oracle Communications Session Border Controller 8.0.0",
"product_id": "T014026",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_session_border_controller:8.0.0"
}
}
}
],
"category": "product_name",
"name": "Communications Session Border Controller"
},
{
"branches": [
{
"category": "product_version",
"name": "3.1.0",
"product": {
"name": "Oracle Enterprise Communications Broker 3.1.0",
"product_id": "T014030",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:enterprise_communications_broker:3.1.0"
}
}
},
{
"category": "product_version",
"name": "3.0.0",
"product": {
"name": "Oracle Enterprise Communications Broker 3.0.0",
"product_id": "T014031",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:enterprise_communications_broker:3.0.0"
}
}
}
],
"category": "product_name",
"name": "Enterprise Communications Broker"
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "9",
"product": {
"name": "Xerox FreeFlow Print Server 9",
"product_id": "T002977",
"product_identification_helper": {
"cpe": "cpe:/a:xerox:freeflow_print_server:9"
}
}
}
],
"category": "product_name",
"name": "FreeFlow Print Server"
}
],
"category": "vendor",
"name": "Xerox"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "7.4.0",
"product": {
"name": "Oracle Communications Unified Inventory Management 7.4.0",
"product_id": "T013407",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_unified_inventory_management:7.4.0"
}
}
},
{
"category": "product_version",
"name": "7.3.5",
"product": {
"name": "Oracle Communications Unified Inventory Management 7.3.5",
"product_id": "T014027",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_unified_inventory_management:7.3.5"
}
}
},
{
"category": "product_version",
"name": "7.3.2",
"product": {
"name": "Oracle Communications Unified Inventory Management 7.3.2",
"product_id": "T014028",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_unified_inventory_management:7.3.2"
}
}
},
{
"category": "product_version",
"name": "7.3.4",
"product": {
"name": "Oracle Communications Unified Inventory Management 7.3.4",
"product_id": "T014029",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_unified_inventory_management:7.3.4"
}
}
}
],
"category": "product_name",
"name": "communications_unified_inventory_management"
}
],
"category": "vendor",
"name": "oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-9251",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2015-9251"
},
{
"cve": "CVE-2016-1000031",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2016-1000031"
},
{
"cve": "CVE-2016-1181",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2016-1181"
},
{
"cve": "CVE-2016-1182",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2016-1182"
},
{
"cve": "CVE-2016-7055",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2016-7055"
},
{
"cve": "CVE-2016-8735",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2016-8735"
},
{
"cve": "CVE-2017-0861",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2017-0861"
},
{
"cve": "CVE-2017-12617",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2017-12617"
},
{
"cve": "CVE-2017-15265",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2017-15265"
},
{
"cve": "CVE-2017-3730",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2017-3730"
},
{
"cve": "CVE-2017-3731",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2017-3731"
},
{
"cve": "CVE-2017-3732",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2017-3732"
},
{
"cve": "CVE-2017-3733",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2017-3733"
},
{
"cve": "CVE-2017-3735",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2017-3735"
},
{
"cve": "CVE-2017-3736",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2017-3736"
},
{
"cve": "CVE-2017-3738",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2017-3738"
},
{
"cve": "CVE-2017-5645",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2017-5645"
},
{
"cve": "CVE-2017-5664",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2017-5664"
},
{
"cve": "CVE-2017-5753",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2017-5753"
},
{
"cve": "CVE-2017-5754",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2017-5754"
},
{
"cve": "CVE-2017-7525",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2017-7525"
},
{
"cve": "CVE-2018-0732",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-0732"
},
{
"cve": "CVE-2018-0733",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-0733"
},
{
"cve": "CVE-2018-0734",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-0734"
},
{
"cve": "CVE-2018-0737",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-0737"
},
{
"cve": "CVE-2018-0739",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-0739"
},
{
"cve": "CVE-2018-1000004",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-1000004"
},
{
"cve": "CVE-2018-1000180",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-1000180"
},
{
"cve": "CVE-2018-1000613",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-1000613"
},
{
"cve": "CVE-2018-10901",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-10901"
},
{
"cve": "CVE-2018-11039",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-11039"
},
{
"cve": "CVE-2018-11040",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-11040"
},
{
"cve": "CVE-2018-11218",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-11218"
},
{
"cve": "CVE-2018-11219",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-11219"
},
{
"cve": "CVE-2018-11236",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-11236"
},
{
"cve": "CVE-2018-11237",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-11237"
},
{
"cve": "CVE-2018-11784",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-11784"
},
{
"cve": "CVE-2018-12384",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-12384"
},
{
"cve": "CVE-2018-12404",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-12404"
},
{
"cve": "CVE-2018-1257",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-1257"
},
{
"cve": "CVE-2018-1258",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-1258"
},
{
"cve": "CVE-2018-16864",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-16864"
},
{
"cve": "CVE-2018-16865",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-16865"
},
{
"cve": "CVE-2018-16890",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-16890"
},
{
"cve": "CVE-2018-3620",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-3620"
},
{
"cve": "CVE-2018-3646",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-3646"
},
{
"cve": "CVE-2018-3693",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-3693"
},
{
"cve": "CVE-2018-6485",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-6485"
},
{
"cve": "CVE-2018-7489",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-7489"
},
{
"cve": "CVE-2018-7566",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-7566"
},
{
"cve": "CVE-2019-3822",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2019-3822"
},
{
"cve": "CVE-2019-3823",
"product_status": {
"known_affected": [
"T009732",
"T013407",
"T014018",
"T014029",
"T006217",
"T014019",
"T014016",
"T014027",
"T014017",
"T014028",
"T014014",
"T014025",
"T002977",
"T014015",
"T014026",
"T014023",
"T014024",
"T014021",
"T014022",
"T014030",
"T014020",
"T014031",
"329193",
"T000126"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2019-3823"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…