CVE-2019-10220 (GCVE-0-2019-10220)
Vulnerability from cvelistv5 – Published: 2019-11-27 15:30 – Updated: 2024-08-04 22:17
VLAI
EPSS
Summary
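Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists. The NVD data embedded in this record lists affected upstream kernel ranges starting at 2.6.12, with fixes in 3.16.81, 4.4.208, 4.9.208, 4.14.162, 4.19.93 and 5.3.8, so exposure is not limited to 4.9.0.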
Severity
CWE
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10220 | x_refsource_CONFIRM |
| https://security.netapp.com/advisory/ntap-20200103-0001/ | x_refsource_CONFIRM |
| https://usn.ubuntu.com/4226-1/ | vendor-advisory, x_refsource_UBUNTU |
| https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html | mailing-list, x_refsource_MLIST |
| https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html | mailing-list, x_refsource_MLIST |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:17:19.719Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10220"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20200103-0001/"
},
{
"name": "USN-4226-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4226-1/"
},
{
"name": "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html"
},
{
"name": "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "kernel:",
"vendor": "SUSE",
"versions": [
{
"status": "affected",
"version": "kernel version 4.9.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-02T19:06:30.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10220"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20200103-0001/"
},
{
"name": "USN-4226-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4226-1/"
},
{
"name": "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html"
},
{
"name": "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2019-10220",
"datePublished": "2019-11-27T15:30:15.000Z",
"dateReserved": "2019-03-27T00:00:00.000Z",
"dateUpdated": "2024-08-04T22:17:19.719Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2019-10220",
"date": "2026-05-29",
"epss": "0.00744",
"percentile": "0.73324"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2019-10220\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2019-11-27T16:15:11.300\",\"lastModified\":\"2024-11-21T04:18:41.213\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists.\"},{\"lang\":\"es\",\"value\":\"La implementaci\u00f3n CIFS del kernel de Linux, versi\u00f3n 4.9.0, es vulnerable a una inyecci\u00f3n de rutas relativas en las listas de entradas de directorio.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV30\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.0,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.1,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\
":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.6.12\",\"versionEndExcluding\":\"3.16.81\",\"matchCriteriaId\":\"A2881FCA-BFA1-46FC-9D10-9ACAD717BD8E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.17\",\"versionEndExcluding\":\"4.4.208\",\"matchCriteriaId\":\"B5795B12-1991-4BF1-81EF-498AF9DE37C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.5\",\"versionEndExcluding\":\"4.9.208\",\"matchCriteriaId\":\"89D3D7F8-1028-4C91-A81E-BC4DBD2B856A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.10\",\"versionEndExcluding\":\"4.14.162\",\"matchCriteriaId\":\"4B24E01B-7309-49A0-B946-5631C9F9AFD9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.15\",\"versionEndExcluding\":\"4.19.93\",\"matchCriteriaId\":\"F64968FF-CF56-4EB6-9B04-7EB5320F4436\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.20\",\"versionEndExcluding\":\"5.3.8\",\"matchCriteriaId\":\"6565D881-E407-4758-A217-2857C6A12DC5\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaI
d\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD783B0C-9246-47D9-A937-6144FE8BFF0F\"}]}]}],\"references\":[{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10220\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20200103-0001/\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4226-1/\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10220\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20200103-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party 
Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4226-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
SUSE-SU-2019:3230-1
Vulnerability from csaf_suse - Published: 2019-12-10 09:16 - Updated: 2019-12-10 09:16
Summary
Security update for the Linux Kernel (Live Patch 28 for SLE 12 SP3)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 28 for SLE 12 SP3)
Description of the patch: This update for the Linux Kernel 4.4.180-94_103 fixes several issues.
The following security issues were fixed:
- CVE-2019-13272: Fixed a privilege escalation from user to root due to improper handling of credentials by leveraging certain scenarios with a parent-child process relationship (bsc#1156321).
- CVE-2019-15239: Fixed a vulnerability where a local attacker could have triggered multiple use-after-free conditions, resulting in privilege escalation (bsc#1156317).
- CVE-2019-10220: Fixed an issue where samba servers could inject relative paths in directory entry lists (bsc#1153108).
The following bugs were fixed:
- Fixed boot up hang revealed by int3 self test (bsc#1157770).
Patchnames: SUSE-2019-3230,SUSE-SLE-Live-Patching-12-SP4-2019-3226,SUSE-SLE-Module-Live-Patching-15-SP1-2019-3218,SUSE-SLE-SAP-12-SP3-2019-3230,SUSE-SLE-SERVER-12-SP3-2019-3230
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-5-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-5-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_7-default-6-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_7-default-6-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_103-default-4-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_103-default-4-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_103-default-4-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_103-default-4-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.4 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-5-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-5-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_7-default-6-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_7-default-6-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_103-default-4-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_103-default-4-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_103-default-4-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_103-default-4-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-5-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-5-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_7-default-6-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_7-default-6-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_103-default-4-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_103-default-4-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_103-default-4-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_103-default-4-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
21 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 28 for SLE 12 SP3)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 4.4.180-94_103 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2019-13272: Fixed a privilege escalation from user to root due to improper handling of credentials by leveraging certain scenarios with a parent-child process relationship (bsc#1156321).\n- CVE-2019-15239: Fixed a vulnerability where a local attacker could have triggered multiple use-after-free conditions resulted in privilege escalation (bsc#1156317).\n- CVE-2019-10220: Fixed an issue where samba servers could inject relative paths in directory entry lists (bsc#1153108).\n\nThe following bugs were fixed:\n\n- Fixed boot up hang revealed by int3 self test (bsc#1157770).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-3230,SUSE-SLE-Live-Patching-12-SP4-2019-3226,SUSE-SLE-Module-Live-Patching-15-SP1-2019-3218,SUSE-SLE-SAP-12-SP3-2019-3230,SUSE-SLE-SERVER-12-SP3-2019-3230",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_3230-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:3230-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193230-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:3230-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2019-December/006235.html"
},
{
"category": "self",
"summary": "SUSE Bug 1153108",
"url": "https://bugzilla.suse.com/1153108"
},
{
"category": "self",
"summary": "SUSE Bug 1156317",
"url": "https://bugzilla.suse.com/1156317"
},
{
"category": "self",
"summary": "SUSE Bug 1156321",
"url": "https://bugzilla.suse.com/1156321"
},
{
"category": "self",
"summary": "SUSE Bug 1157770",
"url": "https://bugzilla.suse.com/1157770"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-10220 page",
"url": "https://www.suse.com/security/cve/CVE-2019-10220/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13272 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13272/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-15239 page",
"url": "https://www.suse.com/security/cve/CVE-2019-15239/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 28 for SLE 12 SP3)",
"tracking": {
"current_release_date": "2019-12-10T09:16:32Z",
"generator": {
"date": "2019-12-10T09:16:32Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:3230-1",
"initial_release_date": "2019-12-10T09:16:32Z",
"revision_history": [
{
"date": "2019-12-10T09:16:32Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_4_180-94_103-default-4-2.1.ppc64le",
"product": {
"name": "kgraft-patch-4_4_180-94_103-default-4-2.1.ppc64le",
"product_id": "kgraft-patch-4_4_180-94_103-default-4-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-95_19-default-5-2.1.ppc64le",
"product": {
"name": "kgraft-patch-4_12_14-95_19-default-5-2.1.ppc64le",
"product_id": "kgraft-patch-4_12_14-95_19-default-5-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-4_12_14-197_7-default-6-2.1.ppc64le",
"product": {
"name": "kernel-livepatch-4_12_14-197_7-default-6-2.1.ppc64le",
"product_id": "kernel-livepatch-4_12_14-197_7-default-6-2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_4_180-94_103-default-4-2.1.x86_64",
"product": {
"name": "kgraft-patch-4_4_180-94_103-default-4-2.1.x86_64",
"product_id": "kgraft-patch-4_4_180-94_103-default-4-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-95_19-default-5-2.1.x86_64",
"product": {
"name": "kgraft-patch-4_12_14-95_19-default-5-2.1.x86_64",
"product_id": "kgraft-patch-4_12_14-95_19-default-5-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-4_12_14-197_7-default-6-2.1.x86_64",
"product": {
"name": "kernel-livepatch-4_12_14-197_7-default-6-2.1.x86_64",
"product_id": "kernel-livepatch-4_12_14-197_7-default-6-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP1",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_19-default-5-2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-5-2.1.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-95_19-default-5-2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_19-default-5-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-5-2.1.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-95_19-default-5-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-4_12_14-197_7-default-6-2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP1",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_7-default-6-2.1.ppc64le"
},
"product_reference": "kernel-livepatch-4_12_14-197_7-default-6-2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-4_12_14-197_7-default-6-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP1",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_7-default-6-2.1.x86_64"
},
"product_reference": "kernel-livepatch-4_12_14-197_7-default-6-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_180-94_103-default-4-2.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_103-default-4-2.1.ppc64le"
},
"product_reference": "kgraft-patch-4_4_180-94_103-default-4-2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_180-94_103-default-4-2.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_103-default-4-2.1.x86_64"
},
"product_reference": "kgraft-patch-4_4_180-94_103-default-4-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_180-94_103-default-4-2.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_103-default-4-2.1.ppc64le"
},
"product_reference": "kgraft-patch-4_4_180-94_103-default-4-2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_180-94_103-default-4-2.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_103-default-4-2.1.x86_64"
},
"product_reference": "kgraft-patch-4_4_180-94_103-default-4-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-10220",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-10220"
}
],
"notes": [
{
"category": "general",
"text": "Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_7-default-6-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_7-default-6-2.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_103-default-4-2.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_103-default-4-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_103-default-4-2.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_103-default-4-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-10220",
"url": "https://www.suse.com/security/cve/CVE-2019-10220"
},
{
"category": "external",
"summary": "SUSE Bug 1144903 for CVE-2019-10220",
"url": "https://bugzilla.suse.com/1144903"
},
{
"category": "external",
"summary": "SUSE Bug 1153108 for CVE-2019-10220",
"url": "https://bugzilla.suse.com/1153108"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_7-default-6-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_7-default-6-2.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_103-default-4-2.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_103-default-4-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_103-default-4-2.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_103-default-4-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_7-default-6-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_7-default-6-2.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_103-default-4-2.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_103-default-4-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_103-default-4-2.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_103-default-4-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-10T09:16:32Z",
"details": "moderate"
}
],
"title": "CVE-2019-10220"
},
{
"cve": "CVE-2019-13272",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13272"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). One contributing factor is an object lifetime issue (which can also cause a panic). Another contributing factor is incorrect marking of a ptrace relationship as privileged, which is exploitable through (for example) Polkit\u0027s pkexec helper with PTRACE_TRACEME. NOTE: SELinux deny_ptrace might be a usable workaround in some environments.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_7-default-6-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_7-default-6-2.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_103-default-4-2.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_103-default-4-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_103-default-4-2.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_103-default-4-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13272",
"url": "https://www.suse.com/security/cve/CVE-2019-13272"
},
{
"category": "external",
"summary": "SUSE Bug 1140671 for CVE-2019-13272",
"url": "https://bugzilla.suse.com/1140671"
},
{
"category": "external",
"summary": "SUSE Bug 1156321 for CVE-2019-13272",
"url": "https://bugzilla.suse.com/1156321"
},
{
"category": "external",
"summary": "SUSE Bug 1198122 for CVE-2019-13272",
"url": "https://bugzilla.suse.com/1198122"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_7-default-6-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_7-default-6-2.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_103-default-4-2.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_103-default-4-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_103-default-4-2.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_103-default-4-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_7-default-6-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_7-default-6-2.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_103-default-4-2.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_103-default-4-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_103-default-4-2.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_103-default-4-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-10T09:16:32Z",
"details": "moderate"
}
],
"title": "CVE-2019-13272"
},
{
"cve": "CVE-2019-15239",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-15239"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, a certain net/ipv4/tcp_output.c change, which was properly incorporated into 4.16.12, was incorrectly backported to the earlier longterm kernels, introducing a new vulnerability that was potentially more severe than the issue that was intended to be fixed by backporting. Specifically, by adding to a write queue between disconnection and re-connection, a local attacker can trigger multiple use-after-free conditions. This can result in a kernel crash, or potentially in privilege escalation. NOTE: this affects (for example) Linux distributions that use 4.9.x longterm kernels before 4.9.190 or 4.14.x longterm kernels before 4.14.139.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_7-default-6-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_7-default-6-2.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_103-default-4-2.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_103-default-4-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_103-default-4-2.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_103-default-4-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-15239",
"url": "https://www.suse.com/security/cve/CVE-2019-15239"
},
{
"category": "external",
"summary": "SUSE Bug 1146589 for CVE-2019-15239",
"url": "https://bugzilla.suse.com/1146589"
},
{
"category": "external",
"summary": "SUSE Bug 1156317 for CVE-2019-15239",
"url": "https://bugzilla.suse.com/1156317"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_7-default-6-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_7-default-6-2.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_103-default-4-2.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_103-default-4-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_103-default-4-2.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_103-default-4-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_7-default-6-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_7-default-6-2.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_103-default-4-2.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_103-default-4-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_103-default-4-2.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_103-default-4-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-10T09:16:32Z",
"details": "moderate"
}
],
"title": "CVE-2019-15239"
}
]
}
SUSE-SU-2019:3232-1
Vulnerability from csaf_suse - Published: 2019-12-10 09:17 - Updated: 2019-12-10 09:17
Summary
Security update for the Linux Kernel (Live Patch 27 for SLE 12 SP2)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 27 for SLE 12 SP2)
Description of the patch: This update for the Linux Kernel 4.4.121-92_101 fixes several issues.
The following security issues were fixed:
- CVE-2018-20856: Fixed a use-after-free in __blk_drain_queue() due to improper error handling (bsc#1156331).
- CVE-2019-13272: Fixed a privilege escalation from user to root, caused by improper handling of credentials, that could be triggered by leveraging certain scenarios with a parent-child process relationship (bsc#1156321).
- CVE-2019-10220: Fixed an issue where Samba servers could inject relative paths in directory entry lists (bsc#1153108).
Patchnames: SUSE-2019-3232,SUSE-SLE-SAP-12-SP2-2019-3232,SUSE-SLE-SERVER-12-SP2-2019-3232
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
CVE-2018-20856
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-7-2.5.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-7-2.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-7-2.5.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-7-2.5.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
CVE-2019-10220: 7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-7-2.5.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-7-2.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-7-2.5.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-7-2.5.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
CVE-2019-13272: 7.4 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-7-2.5.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-7-2.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-7-2.5.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-7-2.5.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
20 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 27 for SLE 12 SP2)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 4.4.121-92_101 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2018-20856: Fixed a use-after-free in __blk_drain_queue() due to an improper error handling (bsc#1156331). \n- CVE-2019-13272: Fixed a privilege escalation from user to root due to improper handling of credentials by \n leveraging certain scenarios with a parent-child process relationship (bsc#1156321). \n- CVE-2019-10220: Fixed an issue where samba servers could inject relative paths in directory entry lists (bsc#1153108). \n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-3232,SUSE-SLE-SAP-12-SP2-2019-3232,SUSE-SLE-SERVER-12-SP2-2019-3232",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_3232-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:3232-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193232-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:3232-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2019-December/006227.html"
},
{
"category": "self",
"summary": "SUSE Bug 1153108",
"url": "https://bugzilla.suse.com/1153108"
},
{
"category": "self",
"summary": "SUSE Bug 1156321",
"url": "https://bugzilla.suse.com/1156321"
},
{
"category": "self",
"summary": "SUSE Bug 1156331",
"url": "https://bugzilla.suse.com/1156331"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-20856 page",
"url": "https://www.suse.com/security/cve/CVE-2018-20856/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-10220 page",
"url": "https://www.suse.com/security/cve/CVE-2019-10220/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13272 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13272/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 27 for SLE 12 SP2)",
"tracking": {
"current_release_date": "2019-12-10T09:17:52Z",
"generator": {
"date": "2019-12-10T09:17:52Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:3232-1",
"initial_release_date": "2019-12-10T09:17:52Z",
"revision_history": [
{
"date": "2019-12-10T09:17:52Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_4_121-92_101-default-7-2.5.ppc64le",
"product": {
"name": "kgraft-patch-4_4_121-92_101-default-7-2.5.ppc64le",
"product_id": "kgraft-patch-4_4_121-92_101-default-7-2.5.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_4_121-92_101-default-7-2.5.x86_64",
"product": {
"name": "kgraft-patch-4_4_121-92_101-default-7-2.5.x86_64",
"product_id": "kgraft-patch-4_4_121-92_101-default-7-2.5.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_121-92_101-default-7-2.5.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-7-2.5.ppc64le"
},
"product_reference": "kgraft-patch-4_4_121-92_101-default-7-2.5.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_121-92_101-default-7-2.5.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-7-2.5.x86_64"
},
"product_reference": "kgraft-patch-4_4_121-92_101-default-7-2.5.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_121-92_101-default-7-2.5.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-7-2.5.ppc64le"
},
"product_reference": "kgraft-patch-4_4_121-92_101-default-7-2.5.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_121-92_101-default-7-2.5.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-7-2.5.x86_64"
},
"product_reference": "kgraft-patch-4_4_121-92_101-default-7-2.5.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-20856",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-20856"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 4.18.7. In block/blk-core.c, there is an __blk_drain_queue() use-after-free because a certain error case is mishandled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-7-2.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-7-2.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-7-2.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-7-2.5.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-20856",
"url": "https://www.suse.com/security/cve/CVE-2018-20856"
},
{
"category": "external",
"summary": "SUSE Bug 1143048 for CVE-2018-20856",
"url": "https://bugzilla.suse.com/1143048"
},
{
"category": "external",
"summary": "SUSE Bug 1156331 for CVE-2018-20856",
"url": "https://bugzilla.suse.com/1156331"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-7-2.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-7-2.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-7-2.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-7-2.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-7-2.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-7-2.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-7-2.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-7-2.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-10T09:17:52Z",
"details": "important"
}
],
"title": "CVE-2018-20856"
},
{
"cve": "CVE-2019-10220",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-10220"
}
],
"notes": [
{
"category": "general",
"text": "Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-7-2.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-7-2.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-7-2.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-7-2.5.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-10220",
"url": "https://www.suse.com/security/cve/CVE-2019-10220"
},
{
"category": "external",
"summary": "SUSE Bug 1144903 for CVE-2019-10220",
"url": "https://bugzilla.suse.com/1144903"
},
{
"category": "external",
"summary": "SUSE Bug 1153108 for CVE-2019-10220",
"url": "https://bugzilla.suse.com/1153108"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-7-2.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-7-2.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-7-2.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-7-2.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-7-2.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-7-2.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-7-2.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-7-2.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-10T09:17:52Z",
"details": "moderate"
}
],
"title": "CVE-2019-10220"
},
{
"cve": "CVE-2019-13272",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13272"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). One contributing factor is an object lifetime issue (which can also cause a panic). Another contributing factor is incorrect marking of a ptrace relationship as privileged, which is exploitable through (for example) Polkit\u0027s pkexec helper with PTRACE_TRACEME. NOTE: SELinux deny_ptrace might be a usable workaround in some environments.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-7-2.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-7-2.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-7-2.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-7-2.5.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13272",
"url": "https://www.suse.com/security/cve/CVE-2019-13272"
},
{
"category": "external",
"summary": "SUSE Bug 1140671 for CVE-2019-13272",
"url": "https://bugzilla.suse.com/1140671"
},
{
"category": "external",
"summary": "SUSE Bug 1156321 for CVE-2019-13272",
"url": "https://bugzilla.suse.com/1156321"
},
{
"category": "external",
"summary": "SUSE Bug 1198122 for CVE-2019-13272",
"url": "https://bugzilla.suse.com/1198122"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-7-2.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-7-2.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-7-2.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-7-2.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-7-2.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-7-2.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-7-2.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-7-2.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-10T09:17:52Z",
"details": "moderate"
}
],
"title": "CVE-2019-13272"
}
]
}
SUSE-SU-2019:3233-1
Vulnerability from csaf_suse - Published: 2019-12-10 09:20 - Updated: 2019-12-10 09:20
Summary
Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP1)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP1)
Description of the patch: This update for the Linux Kernel 3.12.74-60_64_121 fixes several issues.
The following security issues were fixed:
- CVE-2019-15917: Fixed a use-after-free issue when hci_uart_register_dev() fails in hci_uart_set_proto() in drivers/bluetooth/hci_ldisc.c (bsc#1156334).
- CVE-2019-10220: Fixed an issue where Samba servers could inject relative paths in directory entry lists (bsc#1153108).
Patchnames: SUSE-2019-3233,SUSE-SLE-SAP-12-SP1-2019-3233,SUSE-SLE-SAP-12-SP1-2019-3234,SUSE-SLE-SAP-12-SP1-2019-3235,SUSE-SLE-SAP-12-SP1-2019-3236,SUSE-SLE-SERVER-12-SP1-2019-3233,SUSE-SLE-SERVER-12-SP1-2019-3234,SUSE-SLE-SERVER-12-SP1-2019-3235,SUSE-SLE-SERVER-12-SP1-2019-3236
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-7-2.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-7-2.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_115-default-6-2.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_115-xen-6-2.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_118-default-4-2.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_118-xen-4-2.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_121-default-4-2.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_121-xen-4-2.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-7-2.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-7-2.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_115-default-6-2.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_115-xen-6-2.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_118-default-4-2.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_118-xen-4-2.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_121-default-4-2.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_121-xen-4-2.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-7-2.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-7-2.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_115-default-6-2.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_115-xen-6-2.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_118-default-4-2.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_118-xen-4-2.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_121-default-4-2.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_121-xen-4-2.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-7-2.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-7-2.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_115-default-6-2.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_115-xen-6-2.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_118-default-4-2.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_118-xen-4-2.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_121-default-4-2.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_121-xen-4-2.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
14 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP1)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 3.12.74-60_64_121 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2019-15917: Fixed a use-after-free issue when hci_uart_register_dev() fails in hci_uart_set_proto() in drivers/bluetooth/hci_ldisc.c (bsc#1156334).\n- CVE-2019-10220: Fixed Samba servers that can inject relative paths in directory entry lists (bsc#1153108).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-3233,SUSE-SLE-SAP-12-SP1-2019-3233,SUSE-SLE-SAP-12-SP1-2019-3234,SUSE-SLE-SAP-12-SP1-2019-3235,SUSE-SLE-SAP-12-SP1-2019-3236,SUSE-SLE-SERVER-12-SP1-2019-3233,SUSE-SLE-SERVER-12-SP1-2019-3234,SUSE-SLE-SERVER-12-SP1-2019-3235,SUSE-SLE-SERVER-12-SP1-2019-3236",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_3233-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:3233-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193233-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:3233-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2019-December/006224.html"
},
{
"category": "self",
"summary": "SUSE Bug 1153108",
"url": "https://bugzilla.suse.com/1153108"
},
{
"category": "self",
"summary": "SUSE Bug 1156334",
"url": "https://bugzilla.suse.com/1156334"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-10220 page",
"url": "https://www.suse.com/security/cve/CVE-2019-10220/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-15917 page",
"url": "https://www.suse.com/security/cve/CVE-2019-15917/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP1)",
"tracking": {
"current_release_date": "2019-12-10T09:20:21Z",
"generator": {
"date": "2019-12-10T09:20:21Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:3233-1",
"initial_release_date": "2019-12-10T09:20:21Z",
"revision_history": [
{
"date": "2019-12-10T09:20:21Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-3_12_74-60_64_110-default-7-2.3.x86_64",
"product": {
"name": "kgraft-patch-3_12_74-60_64_110-default-7-2.3.x86_64",
"product_id": "kgraft-patch-3_12_74-60_64_110-default-7-2.3.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_74-60_64_110-xen-7-2.3.x86_64",
"product": {
"name": "kgraft-patch-3_12_74-60_64_110-xen-7-2.3.x86_64",
"product_id": "kgraft-patch-3_12_74-60_64_110-xen-7-2.3.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_74-60_64_115-default-6-2.3.x86_64",
"product": {
"name": "kgraft-patch-3_12_74-60_64_115-default-6-2.3.x86_64",
"product_id": "kgraft-patch-3_12_74-60_64_115-default-6-2.3.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_74-60_64_115-xen-6-2.3.x86_64",
"product": {
"name": "kgraft-patch-3_12_74-60_64_115-xen-6-2.3.x86_64",
"product_id": "kgraft-patch-3_12_74-60_64_115-xen-6-2.3.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_74-60_64_118-default-4-2.3.x86_64",
"product": {
"name": "kgraft-patch-3_12_74-60_64_118-default-4-2.3.x86_64",
"product_id": "kgraft-patch-3_12_74-60_64_118-default-4-2.3.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_74-60_64_118-xen-4-2.3.x86_64",
"product": {
"name": "kgraft-patch-3_12_74-60_64_118-xen-4-2.3.x86_64",
"product_id": "kgraft-patch-3_12_74-60_64_118-xen-4-2.3.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_74-60_64_121-default-4-2.3.x86_64",
"product": {
"name": "kgraft-patch-3_12_74-60_64_121-default-4-2.3.x86_64",
"product_id": "kgraft-patch-3_12_74-60_64_121-default-4-2.3.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_74-60_64_121-xen-4-2.3.x86_64",
"product": {
"name": "kgraft-patch-3_12_74-60_64_121-xen-4-2.3.x86_64",
"product_id": "kgraft-patch-3_12_74-60_64_121-xen-4-2.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_110-default-7-2.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-7-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_110-default-7-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_110-xen-7-2.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-7-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_110-xen-7-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_115-default-6-2.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_115-default-6-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_115-default-6-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_115-xen-6-2.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_115-xen-6-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_115-xen-6-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_118-default-4-2.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_118-default-4-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_118-default-4-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_118-xen-4-2.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_118-xen-4-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_118-xen-4-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_121-default-4-2.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_121-default-4-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_121-default-4-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_121-xen-4-2.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_121-xen-4-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_121-xen-4-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_110-default-7-2.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-7-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_110-default-7-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_110-xen-7-2.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-7-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_110-xen-7-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_115-default-6-2.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_115-default-6-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_115-default-6-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_115-xen-6-2.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_115-xen-6-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_115-xen-6-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_118-default-4-2.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_118-default-4-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_118-default-4-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_118-xen-4-2.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_118-xen-4-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_118-xen-4-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_121-default-4-2.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_121-default-4-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_121-default-4-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_121-xen-4-2.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_121-xen-4-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_121-xen-4-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_110-default-7-2.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-7-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_110-default-7-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_110-xen-7-2.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-7-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_110-xen-7-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_115-default-6-2.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_115-default-6-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_115-default-6-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_115-xen-6-2.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_115-xen-6-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_115-xen-6-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_118-default-4-2.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_118-default-4-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_118-default-4-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_118-xen-4-2.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_118-xen-4-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_118-xen-4-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_121-default-4-2.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_121-default-4-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_121-default-4-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_121-xen-4-2.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_121-xen-4-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_121-xen-4-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_110-default-7-2.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-7-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_110-default-7-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_110-xen-7-2.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-7-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_110-xen-7-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_115-default-6-2.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_115-default-6-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_115-default-6-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_115-xen-6-2.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_115-xen-6-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_115-xen-6-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_118-default-4-2.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_118-default-4-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_118-default-4-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_118-xen-4-2.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_118-xen-4-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_118-xen-4-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_121-default-4-2.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_121-default-4-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_121-default-4-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_121-xen-4-2.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_121-xen-4-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_121-xen-4-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_110-default-7-2.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-7-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_110-default-7-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_110-xen-7-2.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-7-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_110-xen-7-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_115-default-6-2.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_115-default-6-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_115-default-6-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_115-xen-6-2.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_115-xen-6-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_115-xen-6-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_118-default-4-2.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_118-default-4-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_118-default-4-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_118-xen-4-2.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_118-xen-4-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_118-xen-4-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_121-default-4-2.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_121-default-4-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_121-default-4-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_121-xen-4-2.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_121-xen-4-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_121-xen-4-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_110-default-7-2.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-7-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_110-default-7-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_110-xen-7-2.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-7-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_110-xen-7-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_115-default-6-2.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_115-default-6-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_115-default-6-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_115-xen-6-2.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_115-xen-6-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_115-xen-6-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_118-default-4-2.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_118-default-4-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_118-default-4-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_118-xen-4-2.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_118-xen-4-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_118-xen-4-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_121-default-4-2.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_121-default-4-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_121-default-4-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_121-xen-4-2.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_121-xen-4-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_121-xen-4-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_110-default-7-2.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-7-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_110-default-7-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_110-xen-7-2.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-7-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_110-xen-7-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_115-default-6-2.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_115-default-6-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_115-default-6-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_115-xen-6-2.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_115-xen-6-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_115-xen-6-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_118-default-4-2.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_118-default-4-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_118-default-4-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_118-xen-4-2.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_118-xen-4-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_118-xen-4-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_121-default-4-2.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_121-default-4-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_121-default-4-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_121-xen-4-2.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_121-xen-4-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_121-xen-4-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_110-default-7-2.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-7-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_110-default-7-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_110-xen-7-2.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-7-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_110-xen-7-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_115-default-6-2.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_115-default-6-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_115-default-6-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_115-xen-6-2.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_115-xen-6-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_115-xen-6-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_118-default-4-2.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_118-default-4-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_118-default-4-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_118-xen-4-2.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_118-xen-4-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_118-xen-4-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_121-default-4-2.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_121-default-4-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_121-default-4-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_121-xen-4-2.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_121-xen-4-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_121-xen-4-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-10220",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-10220"
}
],
"notes": [
{
"category": "general",
"text": "Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-7-2.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-7-2.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_115-default-6-2.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_115-xen-6-2.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_118-default-4-2.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_118-xen-4-2.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_121-default-4-2.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_121-xen-4-2.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-7-2.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-7-2.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_115-default-6-2.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_115-xen-6-2.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_118-default-4-2.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_118-xen-4-2.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_121-default-4-2.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_121-xen-4-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-10220",
"url": "https://www.suse.com/security/cve/CVE-2019-10220"
},
{
"category": "external",
"summary": "SUSE Bug 1144903 for CVE-2019-10220",
"url": "https://bugzilla.suse.com/1144903"
},
{
"category": "external",
"summary": "SUSE Bug 1153108 for CVE-2019-10220",
"url": "https://bugzilla.suse.com/1153108"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-7-2.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-7-2.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_115-default-6-2.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_115-xen-6-2.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_118-default-4-2.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_118-xen-4-2.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_121-default-4-2.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_121-xen-4-2.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-7-2.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-7-2.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_115-default-6-2.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_115-xen-6-2.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_118-default-4-2.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_118-xen-4-2.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_121-default-4-2.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_121-xen-4-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-7-2.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-7-2.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_115-default-6-2.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_115-xen-6-2.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_118-default-4-2.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_118-xen-4-2.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_121-default-4-2.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_121-xen-4-2.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-7-2.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-7-2.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_115-default-6-2.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_115-xen-6-2.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_118-default-4-2.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_118-xen-4-2.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_121-default-4-2.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_121-xen-4-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-10T09:20:21Z",
"details": "moderate"
}
],
"title": "CVE-2019-10220"
},
{
"cve": "CVE-2019-15917",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-15917"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 5.0.5. There is a use-after-free issue when hci_uart_register_dev() fails in hci_uart_set_proto() in drivers/bluetooth/hci_ldisc.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-7-2.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-7-2.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_115-default-6-2.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_115-xen-6-2.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_118-default-4-2.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_118-xen-4-2.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_121-default-4-2.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_121-xen-4-2.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-7-2.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-7-2.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_115-default-6-2.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_115-xen-6-2.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_118-default-4-2.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_118-xen-4-2.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_121-default-4-2.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_121-xen-4-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-15917",
"url": "https://www.suse.com/security/cve/CVE-2019-15917"
},
{
"category": "external",
"summary": "SUSE Bug 1149539 for CVE-2019-15917",
"url": "https://bugzilla.suse.com/1149539"
},
{
"category": "external",
"summary": "SUSE Bug 1156334 for CVE-2019-15917",
"url": "https://bugzilla.suse.com/1156334"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-7-2.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-7-2.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_115-default-6-2.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_115-xen-6-2.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_118-default-4-2.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_118-xen-4-2.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_121-default-4-2.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_121-xen-4-2.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-7-2.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-7-2.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_115-default-6-2.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_115-xen-6-2.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_118-default-4-2.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_118-xen-4-2.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_121-default-4-2.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_121-xen-4-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-7-2.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-7-2.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_115-default-6-2.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_115-xen-6-2.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_118-default-4-2.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_118-xen-4-2.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_121-default-4-2.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_121-xen-4-2.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-7-2.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-7-2.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_115-default-6-2.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_115-xen-6-2.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_118-default-4-2.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_118-xen-4-2.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_121-default-4-2.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_121-xen-4-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-10T09:20:21Z",
"details": "important"
}
],
"title": "CVE-2019-15917"
}
]
}
SUSE-SU-2019:3246-1
Vulnerability from csaf_suse - Published: 2019-12-11 10:04 - Updated: 2019-12-11 10:04
Summary
Security update for the Linux Kernel (Live Patch 8 for SLE 15)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 8 for SLE 15)
Description of the patch: This update for the Linux Kernel 4.12.14-25_28 fixes several issues.
The following security issues were fixed:
- CVE-2019-15917: Fixed a use-after-free when hci_uart_register_dev() fails in hci_uart_set_proto() (bsc#1156334).
- CVE-2019-13272: Fixed a privilege escalation from user to root due to improper handling of credentials by leveraging
certain scenarios with a parent-child process relationship (bsc#1156321).
- CVE-2018-16871: Fixed an issue where an attacker who could mount an exported NFS filesystem was able to trigger a
null pointer dereference by using an invalid NFS sequence, leading to a kernel panic and denial of access to the NFS server
(bsc#1156320).
- CVE-2019-10220: Fixed an issue in the kernel CIFS implementation where Samba servers could inject relative paths into directory entry lists (bsc#1153108).
Patchnames: SUSE-2019-3246,SUSE-SLE-Module-Live-Patching-15-2019-3246
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
CVE-2018-16871: 7.5 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-7-2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-7-2.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
CVE-2019-10220: 7.5 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-7-2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-7-2.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
CVE-2019-13272: 7.4 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-7-2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-7-2.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
CVE-2019-15917: 7.0 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-7-2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-7-2.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
25 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 8 for SLE 15)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 4.12.14-25_28 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2019-15917: Fixed a use-after-free when hci_uart_register_dev() fails in hci_uart_set_proto() (bsc#1156334).\n- CVE-2019-13272: Fixed a privilege escalation from user to root due to improper handling of credentials by leveraging\n certain scenarios with a parent-child process relationship (bsc#1156321).\n- CVE-2018-16871: Fixed an issue where an attacker, who could mount an exported NFS filesystem, was able to trigger a \n null pointer dereference by using an invalid NFS sequence leading to kernel panic and deny of access to the NFS server\n (bsc#1156320).\n- CVE-2019-10220: Fixed an issue where samba servers could inject relative paths in directory entry lists (bsc#1153108).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-3246,SUSE-SLE-Module-Live-Patching-15-2019-3246",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_3246-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:3246-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193246-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:3246-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2019-December/006237.html"
},
{
"category": "self",
"summary": "SUSE Bug 1153108",
"url": "https://bugzilla.suse.com/1153108"
},
{
"category": "self",
"summary": "SUSE Bug 1156320",
"url": "https://bugzilla.suse.com/1156320"
},
{
"category": "self",
"summary": "SUSE Bug 1156321",
"url": "https://bugzilla.suse.com/1156321"
},
{
"category": "self",
"summary": "SUSE Bug 1156334",
"url": "https://bugzilla.suse.com/1156334"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16871 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16871/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-10220 page",
"url": "https://www.suse.com/security/cve/CVE-2019-10220/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13272 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13272/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-15917 page",
"url": "https://www.suse.com/security/cve/CVE-2019-15917/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 8 for SLE 15)",
"tracking": {
"current_release_date": "2019-12-11T10:04:48Z",
"generator": {
"date": "2019-12-11T10:04:48Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:3246-1",
"initial_release_date": "2019-12-11T10:04:48Z",
"revision_history": [
{
"date": "2019-12-11T10:04:48Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-4_12_14-25_28-default-7-2.3.ppc64le",
"product": {
"name": "kernel-livepatch-4_12_14-25_28-default-7-2.3.ppc64le",
"product_id": "kernel-livepatch-4_12_14-25_28-default-7-2.3.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-4_12_14-25_28-default-7-2.3.x86_64",
"product": {
"name": "kernel-livepatch-4_12_14-25_28-default-7-2.3.x86_64",
"product_id": "kernel-livepatch-4_12_14-25_28-default-7-2.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15",
"product_id": "SUSE Linux Enterprise Live Patching 15",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-4_12_14-25_28-default-7-2.3.ppc64le as component of SUSE Linux Enterprise Live Patching 15",
"product_id": "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-7-2.3.ppc64le"
},
"product_reference": "kernel-livepatch-4_12_14-25_28-default-7-2.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-4_12_14-25_28-default-7-2.3.x86_64 as component of SUSE Linux Enterprise Live Patching 15",
"product_id": "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-7-2.3.x86_64"
},
"product_reference": "kernel-livepatch-4_12_14-25_28-default-7-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-16871",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16871"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the NFS server will be lost.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-7-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-7-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16871",
"url": "https://www.suse.com/security/cve/CVE-2018-16871"
},
{
"category": "external",
"summary": "SUSE Bug 1137103 for CVE-2018-16871",
"url": "https://bugzilla.suse.com/1137103"
},
{
"category": "external",
"summary": "SUSE Bug 1156320 for CVE-2018-16871",
"url": "https://bugzilla.suse.com/1156320"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-7-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-7-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-7-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-7-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-11T10:04:48Z",
"details": "moderate"
}
],
"title": "CVE-2018-16871"
},
{
"cve": "CVE-2019-10220",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-10220"
}
],
"notes": [
{
"category": "general",
"text": "Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-7-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-7-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-10220",
"url": "https://www.suse.com/security/cve/CVE-2019-10220"
},
{
"category": "external",
"summary": "SUSE Bug 1144903 for CVE-2019-10220",
"url": "https://bugzilla.suse.com/1144903"
},
{
"category": "external",
"summary": "SUSE Bug 1153108 for CVE-2019-10220",
"url": "https://bugzilla.suse.com/1153108"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-7-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-7-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-7-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-7-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-11T10:04:48Z",
"details": "moderate"
}
],
"title": "CVE-2019-10220"
},
{
"cve": "CVE-2019-13272",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13272"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). One contributing factor is an object lifetime issue (which can also cause a panic). Another contributing factor is incorrect marking of a ptrace relationship as privileged, which is exploitable through (for example) Polkit\u0027s pkexec helper with PTRACE_TRACEME. NOTE: SELinux deny_ptrace might be a usable workaround in some environments.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-7-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-7-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13272",
"url": "https://www.suse.com/security/cve/CVE-2019-13272"
},
{
"category": "external",
"summary": "SUSE Bug 1140671 for CVE-2019-13272",
"url": "https://bugzilla.suse.com/1140671"
},
{
"category": "external",
"summary": "SUSE Bug 1156321 for CVE-2019-13272",
"url": "https://bugzilla.suse.com/1156321"
},
{
"category": "external",
"summary": "SUSE Bug 1198122 for CVE-2019-13272",
"url": "https://bugzilla.suse.com/1198122"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-7-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-7-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-7-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-7-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-11T10:04:48Z",
"details": "moderate"
}
],
"title": "CVE-2019-13272"
},
{
"cve": "CVE-2019-15917",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-15917"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 5.0.5. There is a use-after-free issue when hci_uart_register_dev() fails in hci_uart_set_proto() in drivers/bluetooth/hci_ldisc.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-7-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-7-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-15917",
"url": "https://www.suse.com/security/cve/CVE-2019-15917"
},
{
"category": "external",
"summary": "SUSE Bug 1149539 for CVE-2019-15917",
"url": "https://bugzilla.suse.com/1149539"
},
{
"category": "external",
"summary": "SUSE Bug 1156334 for CVE-2019-15917",
"url": "https://bugzilla.suse.com/1156334"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-7-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-7-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-7-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-7-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-11T10:04:48Z",
"details": "important"
}
],
"title": "CVE-2019-15917"
}
]
}
SUSE-SU-2019:3247-1
Vulnerability from csaf_suse - Published: 2019-12-11 10:05 - Updated: 2019-12-11 10:05
Summary
Security update for the Linux Kernel (Live Patch 9 for SLE 15)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 9 for SLE 15)
Description of the patch: This update for the Linux Kernel 4.12.14-150_14 fixes several issues.
The following security issues were fixed:
- CVE-2019-15917: Fixed a use-after-free when hci_uart_register_dev() fails in hci_uart_set_proto() (bsc#1156334).
- CVE-2019-13272: Fixed a privilege escalation from user to root due to improper handling of credentials by leveraging certain scenarios with a parent-child process relationship (bsc#1156321).
- CVE-2019-10220: Fixed an issue where samba servers could inject relative paths in directory entry lists (bsc#1153108).
Patchnames: SUSE-2019-3247,SUSE-SLE-Module-Live-Patching-15-2019-3247
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_14-default-6-2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_14-default-6-2.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.4 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_14-default-6-2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_14-default-6-2.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_14-default-6-2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_14-default-6-2.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
20 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 9 for SLE 15)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 4.12.14-150_14 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2019-15917: Fixed a use-after-free when hci_uart_register_dev() fails in hci_uart_set_proto() (bsc#1156334).\n- CVE-2019-13272: Fixed a privilege escalation from user to root due to improper handling of credentials by leveraging\n certain scenarios with a parent-child process relationship (bsc#1156321).\n- CVE-2019-10220: Fixed an issue where samba servers could inject relative paths in directory entry lists (bsc#1153108).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-3247,SUSE-SLE-Module-Live-Patching-15-2019-3247",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_3247-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:3247-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193247-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:3247-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2019-December/006240.html"
},
{
"category": "self",
"summary": "SUSE Bug 1153108",
"url": "https://bugzilla.suse.com/1153108"
},
{
"category": "self",
"summary": "SUSE Bug 1156321",
"url": "https://bugzilla.suse.com/1156321"
},
{
"category": "self",
"summary": "SUSE Bug 1156334",
"url": "https://bugzilla.suse.com/1156334"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-10220 page",
"url": "https://www.suse.com/security/cve/CVE-2019-10220/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13272 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13272/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-15917 page",
"url": "https://www.suse.com/security/cve/CVE-2019-15917/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 9 for SLE 15)",
"tracking": {
"current_release_date": "2019-12-11T10:05:27Z",
"generator": {
"date": "2019-12-11T10:05:27Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:3247-1",
"initial_release_date": "2019-12-11T10:05:27Z",
"revision_history": [
{
"date": "2019-12-11T10:05:27Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-4_12_14-150_14-default-6-2.3.ppc64le",
"product": {
"name": "kernel-livepatch-4_12_14-150_14-default-6-2.3.ppc64le",
"product_id": "kernel-livepatch-4_12_14-150_14-default-6-2.3.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-4_12_14-150_14-default-6-2.3.x86_64",
"product": {
"name": "kernel-livepatch-4_12_14-150_14-default-6-2.3.x86_64",
"product_id": "kernel-livepatch-4_12_14-150_14-default-6-2.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15",
"product_id": "SUSE Linux Enterprise Live Patching 15",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-4_12_14-150_14-default-6-2.3.ppc64le as component of SUSE Linux Enterprise Live Patching 15",
"product_id": "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_14-default-6-2.3.ppc64le"
},
"product_reference": "kernel-livepatch-4_12_14-150_14-default-6-2.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-4_12_14-150_14-default-6-2.3.x86_64 as component of SUSE Linux Enterprise Live Patching 15",
"product_id": "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_14-default-6-2.3.x86_64"
},
"product_reference": "kernel-livepatch-4_12_14-150_14-default-6-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-10220",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-10220"
}
],
"notes": [
{
"category": "general",
"text": "Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_14-default-6-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_14-default-6-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-10220",
"url": "https://www.suse.com/security/cve/CVE-2019-10220"
},
{
"category": "external",
"summary": "SUSE Bug 1144903 for CVE-2019-10220",
"url": "https://bugzilla.suse.com/1144903"
},
{
"category": "external",
"summary": "SUSE Bug 1153108 for CVE-2019-10220",
"url": "https://bugzilla.suse.com/1153108"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_14-default-6-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_14-default-6-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_14-default-6-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_14-default-6-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-11T10:05:27Z",
"details": "moderate"
}
],
"title": "CVE-2019-10220"
},
{
"cve": "CVE-2019-13272",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13272"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). One contributing factor is an object lifetime issue (which can also cause a panic). Another contributing factor is incorrect marking of a ptrace relationship as privileged, which is exploitable through (for example) Polkit\u0027s pkexec helper with PTRACE_TRACEME. NOTE: SELinux deny_ptrace might be a usable workaround in some environments.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_14-default-6-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_14-default-6-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13272",
"url": "https://www.suse.com/security/cve/CVE-2019-13272"
},
{
"category": "external",
"summary": "SUSE Bug 1140671 for CVE-2019-13272",
"url": "https://bugzilla.suse.com/1140671"
},
{
"category": "external",
"summary": "SUSE Bug 1156321 for CVE-2019-13272",
"url": "https://bugzilla.suse.com/1156321"
},
{
"category": "external",
"summary": "SUSE Bug 1198122 for CVE-2019-13272",
"url": "https://bugzilla.suse.com/1198122"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_14-default-6-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_14-default-6-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_14-default-6-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_14-default-6-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-11T10:05:27Z",
"details": "moderate"
}
],
"title": "CVE-2019-13272"
},
{
"cve": "CVE-2019-15917",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-15917"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 5.0.5. There is a use-after-free issue when hci_uart_register_dev() fails in hci_uart_set_proto() in drivers/bluetooth/hci_ldisc.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_14-default-6-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_14-default-6-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-15917",
"url": "https://www.suse.com/security/cve/CVE-2019-15917"
},
{
"category": "external",
"summary": "SUSE Bug 1149539 for CVE-2019-15917",
"url": "https://bugzilla.suse.com/1149539"
},
{
"category": "external",
"summary": "SUSE Bug 1156334 for CVE-2019-15917",
"url": "https://bugzilla.suse.com/1156334"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_14-default-6-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_14-default-6-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_14-default-6-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_14-default-6-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-11T10:05:27Z",
"details": "important"
}
],
"title": "CVE-2019-15917"
}
]
}
SUSE-SU-2019:3248-1
Vulnerability from csaf_suse - Published: 2019-12-11 10:07 - Updated: 2019-12-11 10:07
Summary
Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP1)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP1)
Description of the patch: This update for the Linux Kernel 4.12.14-195 fixes several issues.
The following security issues were fixed:
- CVE-2019-13272: Fixed a privilege escalation from user to root due to improper handling of credentials by leveraging certain scenarios with a parent-child process relationship (bsc#1156321).
- CVE-2019-10220: Fixed an issue where samba servers could inject relative paths in directory entry lists (bsc#1153108).
Patchnames: SUSE-2019-3248,SUSE-SLE-Module-Live-Patching-15-2019-3248,SUSE-SLE-Module-Live-Patching-15-SP1-2019-3250
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-195-default-8-22.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-195-default-8-22.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_17-default-6-2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_17-default-6-2.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.4 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-195-default-8-22.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-195-default-8-22.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_17-default-6-2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_17-default-6-2.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
15 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP1)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 4.12.14-195 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2019-13272: Fixed a privilege escalation from user to root due to improper handling of credentials by leveraging\n certain scenarios with a parent-child process relationship (bsc#1156321).\n- CVE-2019-10220: Fixed an issue where samba servers could inject relative paths in directory entry lists (bsc#1153108).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-3248,SUSE-SLE-Module-Live-Patching-15-2019-3248,SUSE-SLE-Module-Live-Patching-15-SP1-2019-3250",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_3248-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:3248-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193248-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:3248-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2019-December/006242.html"
},
{
"category": "self",
"summary": "SUSE Bug 1153108",
"url": "https://bugzilla.suse.com/1153108"
},
{
"category": "self",
"summary": "SUSE Bug 1156321",
"url": "https://bugzilla.suse.com/1156321"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-10220 page",
"url": "https://www.suse.com/security/cve/CVE-2019-10220/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13272 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13272/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP1)",
"tracking": {
"current_release_date": "2019-12-11T10:07:16Z",
"generator": {
"date": "2019-12-11T10:07:16Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:3248-1",
"initial_release_date": "2019-12-11T10:07:16Z",
"revision_history": [
{
"date": "2019-12-11T10:07:16Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-4_12_14-150_17-default-6-2.3.ppc64le",
"product": {
"name": "kernel-livepatch-4_12_14-150_17-default-6-2.3.ppc64le",
"product_id": "kernel-livepatch-4_12_14-150_17-default-6-2.3.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-4_12_14-195-default-8-22.2.ppc64le",
"product": {
"name": "kernel-livepatch-4_12_14-195-default-8-22.2.ppc64le",
"product_id": "kernel-livepatch-4_12_14-195-default-8-22.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-4_12_14-150_17-default-6-2.3.x86_64",
"product": {
"name": "kernel-livepatch-4_12_14-150_17-default-6-2.3.x86_64",
"product_id": "kernel-livepatch-4_12_14-150_17-default-6-2.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-4_12_14-195-default-8-22.2.x86_64",
"product": {
"name": "kernel-livepatch-4_12_14-195-default-8-22.2.x86_64",
"product_id": "kernel-livepatch-4_12_14-195-default-8-22.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15",
"product_id": "SUSE Linux Enterprise Live Patching 15",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP1",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-4_12_14-150_17-default-6-2.3.ppc64le as component of SUSE Linux Enterprise Live Patching 15",
"product_id": "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_17-default-6-2.3.ppc64le"
},
"product_reference": "kernel-livepatch-4_12_14-150_17-default-6-2.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-4_12_14-150_17-default-6-2.3.x86_64 as component of SUSE Linux Enterprise Live Patching 15",
"product_id": "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_17-default-6-2.3.x86_64"
},
"product_reference": "kernel-livepatch-4_12_14-150_17-default-6-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-4_12_14-195-default-8-22.2.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP1",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-195-default-8-22.2.ppc64le"
},
"product_reference": "kernel-livepatch-4_12_14-195-default-8-22.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-4_12_14-195-default-8-22.2.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP1",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-195-default-8-22.2.x86_64"
},
"product_reference": "kernel-livepatch-4_12_14-195-default-8-22.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-10220",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-10220"
}
],
"notes": [
{
"category": "general",
"text": "Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-195-default-8-22.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-195-default-8-22.2.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_17-default-6-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_17-default-6-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-10220",
"url": "https://www.suse.com/security/cve/CVE-2019-10220"
},
{
"category": "external",
"summary": "SUSE Bug 1144903 for CVE-2019-10220",
"url": "https://bugzilla.suse.com/1144903"
},
{
"category": "external",
"summary": "SUSE Bug 1153108 for CVE-2019-10220",
"url": "https://bugzilla.suse.com/1153108"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-195-default-8-22.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-195-default-8-22.2.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_17-default-6-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_17-default-6-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-195-default-8-22.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-195-default-8-22.2.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_17-default-6-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_17-default-6-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-11T10:07:16Z",
"details": "moderate"
}
],
"title": "CVE-2019-10220"
},
{
"cve": "CVE-2019-13272",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13272"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). One contributing factor is an object lifetime issue (which can also cause a panic). Another contributing factor is incorrect marking of a ptrace relationship as privileged, which is exploitable through (for example) Polkit\u0027s pkexec helper with PTRACE_TRACEME. NOTE: SELinux deny_ptrace might be a usable workaround in some environments.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-195-default-8-22.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-195-default-8-22.2.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_17-default-6-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_17-default-6-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13272",
"url": "https://www.suse.com/security/cve/CVE-2019-13272"
},
{
"category": "external",
"summary": "SUSE Bug 1140671 for CVE-2019-13272",
"url": "https://bugzilla.suse.com/1140671"
},
{
"category": "external",
"summary": "SUSE Bug 1156321 for CVE-2019-13272",
"url": "https://bugzilla.suse.com/1156321"
},
{
"category": "external",
"summary": "SUSE Bug 1198122 for CVE-2019-13272",
"url": "https://bugzilla.suse.com/1198122"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-195-default-8-22.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-195-default-8-22.2.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_17-default-6-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_17-default-6-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-195-default-8-22.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-195-default-8-22.2.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_17-default-6-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_17-default-6-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-11T10:07:16Z",
"details": "moderate"
}
],
"title": "CVE-2019-13272"
}
]
}
SUSE-SU-2019:3249-1
Vulnerability from csaf_suse - Published: 2019-12-11 10:07 - Updated: 2019-12-11 10:07
Summary
Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP1)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP1)
Description of the patch: This update for the Linux Kernel 4.12.14-197_4 fixes several issues.
The following security issues were fixed:
- CVE-2019-13272: Fixed a privilege escalation from user to root due to improper handling of credentials by leveraging certain scenarios with a parent-child process relationship (bsc#1156321).
- CVE-2019-15239: Fixed a vulnerability where a local attacker could have triggered multiple use-after-free conditions, resulting in privilege escalation (bsc#1156317).
- CVE-2019-10220: Fixed an issue where samba servers could inject relative paths in directory entry lists (bsc#1153108).
The following bugs were fixed:
- Fixed boot up hang revealed by int3 self test (bsc#1157770).
Patchnames: SUSE-2019-3249,SUSE-SLE-Live-Patching-12-SP4-2019-3254,SUSE-SLE-Module-Live-Patching-15-2019-3249,SUSE-SLE-Module-Live-Patching-15-SP1-2019-3251
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_24-default-4-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_24-default-4-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-7-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-7-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-5-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-5-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
CVE-2019-13272 — CVSS v3.0 base score 7.4 (High)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_24-default-4-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_24-default-4-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-7-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-7-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-5-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-5-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
CVE-2019-15239 — CVSS v3.0 base score 7.5 (High)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_24-default-4-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_24-default-4-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-7-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-7-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-5-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-5-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
21 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP1)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 4.12.14-197_4 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2019-13272: Fixed a privilege escalation from user to root due to improper handling of credentials by leveraging certain scenarios with a parent-child process relationship (bsc#1156321).\n- CVE-2019-15239: Fixed a vulnerability where a local attacker could have triggered multiple use-after-free conditions resulted in privilege escalation (bsc#1156317).\n- CVE-2019-10220: Fixed an issue where samba servers could inject relative paths in directory entry lists (bsc#1153108).\n\nThe following bugs were fixed:\n\n- Fixed boot up hang revealed by int3 self test (bsc#1157770).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-3249,SUSE-SLE-Live-Patching-12-SP4-2019-3254,SUSE-SLE-Module-Live-Patching-15-2019-3249,SUSE-SLE-Module-Live-Patching-15-SP1-2019-3251",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_3249-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:3249-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193249-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:3249-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2019-December/006245.html"
},
{
"category": "self",
"summary": "SUSE Bug 1153108",
"url": "https://bugzilla.suse.com/1153108"
},
{
"category": "self",
"summary": "SUSE Bug 1156317",
"url": "https://bugzilla.suse.com/1156317"
},
{
"category": "self",
"summary": "SUSE Bug 1156321",
"url": "https://bugzilla.suse.com/1156321"
},
{
"category": "self",
"summary": "SUSE Bug 1157770",
"url": "https://bugzilla.suse.com/1157770"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-10220 page",
"url": "https://www.suse.com/security/cve/CVE-2019-10220/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13272 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13272/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-15239 page",
"url": "https://www.suse.com/security/cve/CVE-2019-15239/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP1)",
"tracking": {
"current_release_date": "2019-12-11T10:07:51Z",
"generator": {
"date": "2019-12-11T10:07:51Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:3249-1",
"initial_release_date": "2019-12-11T10:07:51Z",
"revision_history": [
{
"date": "2019-12-11T10:07:51Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-4_12_14-150_22-default-5-2.1.ppc64le",
"product": {
"name": "kernel-livepatch-4_12_14-150_22-default-5-2.1.ppc64le",
"product_id": "kernel-livepatch-4_12_14-150_22-default-5-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-95_24-default-4-2.1.ppc64le",
"product": {
"name": "kgraft-patch-4_12_14-95_24-default-4-2.1.ppc64le",
"product_id": "kgraft-patch-4_12_14-95_24-default-4-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-4_12_14-197_4-default-7-2.1.ppc64le",
"product": {
"name": "kernel-livepatch-4_12_14-197_4-default-7-2.1.ppc64le",
"product_id": "kernel-livepatch-4_12_14-197_4-default-7-2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-4_12_14-150_22-default-5-2.1.x86_64",
"product": {
"name": "kernel-livepatch-4_12_14-150_22-default-5-2.1.x86_64",
"product_id": "kernel-livepatch-4_12_14-150_22-default-5-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-95_24-default-4-2.1.x86_64",
"product": {
"name": "kgraft-patch-4_12_14-95_24-default-4-2.1.x86_64",
"product_id": "kgraft-patch-4_12_14-95_24-default-4-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-4_12_14-197_4-default-7-2.1.x86_64",
"product": {
"name": "kernel-livepatch-4_12_14-197_4-default-7-2.1.x86_64",
"product_id": "kernel-livepatch-4_12_14-197_4-default-7-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15",
"product_id": "SUSE Linux Enterprise Live Patching 15",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP1",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_24-default-4-2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_24-default-4-2.1.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-95_24-default-4-2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_24-default-4-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_24-default-4-2.1.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-95_24-default-4-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-4_12_14-150_22-default-5-2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15",
"product_id": "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-5-2.1.ppc64le"
},
"product_reference": "kernel-livepatch-4_12_14-150_22-default-5-2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-4_12_14-150_22-default-5-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15",
"product_id": "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-5-2.1.x86_64"
},
"product_reference": "kernel-livepatch-4_12_14-150_22-default-5-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-4_12_14-197_4-default-7-2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP1",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-7-2.1.ppc64le"
},
"product_reference": "kernel-livepatch-4_12_14-197_4-default-7-2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-4_12_14-197_4-default-7-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP1",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-7-2.1.x86_64"
},
"product_reference": "kernel-livepatch-4_12_14-197_4-default-7-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-10220",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-10220"
}
],
"notes": [
{
"category": "general",
"text": "Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_24-default-4-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_24-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-7-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-7-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-5-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-10220",
"url": "https://www.suse.com/security/cve/CVE-2019-10220"
},
{
"category": "external",
"summary": "SUSE Bug 1144903 for CVE-2019-10220",
"url": "https://bugzilla.suse.com/1144903"
},
{
"category": "external",
"summary": "SUSE Bug 1153108 for CVE-2019-10220",
"url": "https://bugzilla.suse.com/1153108"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_24-default-4-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_24-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-7-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-7-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-5-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_24-default-4-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_24-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-7-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-7-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-5-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-11T10:07:51Z",
"details": "moderate"
}
],
"title": "CVE-2019-10220"
},
{
"cve": "CVE-2019-13272",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13272"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). One contributing factor is an object lifetime issue (which can also cause a panic). Another contributing factor is incorrect marking of a ptrace relationship as privileged, which is exploitable through (for example) Polkit\u0027s pkexec helper with PTRACE_TRACEME. NOTE: SELinux deny_ptrace might be a usable workaround in some environments.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_24-default-4-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_24-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-7-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-7-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-5-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13272",
"url": "https://www.suse.com/security/cve/CVE-2019-13272"
},
{
"category": "external",
"summary": "SUSE Bug 1140671 for CVE-2019-13272",
"url": "https://bugzilla.suse.com/1140671"
},
{
"category": "external",
"summary": "SUSE Bug 1156321 for CVE-2019-13272",
"url": "https://bugzilla.suse.com/1156321"
},
{
"category": "external",
"summary": "SUSE Bug 1198122 for CVE-2019-13272",
"url": "https://bugzilla.suse.com/1198122"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_24-default-4-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_24-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-7-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-7-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-5-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_24-default-4-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_24-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-7-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-7-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-5-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-11T10:07:51Z",
"details": "moderate"
}
],
"title": "CVE-2019-13272"
},
{
"cve": "CVE-2019-15239",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-15239"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, a certain net/ipv4/tcp_output.c change, which was properly incorporated into 4.16.12, was incorrectly backported to the earlier longterm kernels, introducing a new vulnerability that was potentially more severe than the issue that was intended to be fixed by backporting. Specifically, by adding to a write queue between disconnection and re-connection, a local attacker can trigger multiple use-after-free conditions. This can result in a kernel crash, or potentially in privilege escalation. NOTE: this affects (for example) Linux distributions that use 4.9.x longterm kernels before 4.9.190 or 4.14.x longterm kernels before 4.14.139.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_24-default-4-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_24-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-7-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-7-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-5-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-15239",
"url": "https://www.suse.com/security/cve/CVE-2019-15239"
},
{
"category": "external",
"summary": "SUSE Bug 1146589 for CVE-2019-15239",
"url": "https://bugzilla.suse.com/1146589"
},
{
"category": "external",
"summary": "SUSE Bug 1156317 for CVE-2019-15239",
"url": "https://bugzilla.suse.com/1156317"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_24-default-4-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_24-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-7-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-7-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-5-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_24-default-4-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_24-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-7-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-7-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-5-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-11T10:07:51Z",
"details": "moderate"
}
],
"title": "CVE-2019-15239"
}
]
}
SUSE-SU-2019:3252-1
Vulnerability from csaf_suse - Published: 2019-12-11 10:09 - Updated: 2019-12-11 10:09
Summary
Security update for the Linux Kernel (Live Patch 1 for SLE 12 SP4)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 1 for SLE 12 SP4)
Description of the patch: This update for the Linux Kernel 4.12.14-95_3 fixes several issues.
The following security issues were fixed:
- CVE-2019-15917: Fixed a use-after-free when hci_uart_register_dev() fails in hci_uart_set_proto() (bsc#1156334).
- CVE-2018-20856: Fixed a use-after-free in block/blk-core.c due to improper error handling (bsc#1156331).
- CVE-2019-13272: Fixed a privilege escalation from user to root due to improper handling of credentials by leveraging
certain scenarios with a parent-child process relationship (bsc#1156321).
- CVE-2018-16871: Fixed an issue where an attacker, who could mount an exported NFS filesystem, was able to trigger a
null pointer dereference by using an invalid NFS sequence, leading to a kernel panic and denial of access to the NFS server
(bsc#1156320).
- CVE-2019-10220: Fixed an issue where samba servers could inject relative paths in directory entry lists (bsc#1153108).
Patchnames: SUSE-2019-3252,SUSE-SLE-Live-Patching-12-SP4-2019-3252,SUSE-SLE-Live-Patching-12-SP4-2019-3253
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-94_41-default-9-2.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-94_41-default-9-2.25.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-8-2.5.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-8-2.5.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-94_41-default-9-2.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-94_41-default-9-2.25.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-8-2.5.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-8-2.5.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-94_41-default-9-2.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-94_41-default-9-2.25.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-8-2.5.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-8-2.5.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.4 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-94_41-default-9-2.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-94_41-default-9-2.25.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-8-2.5.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-8-2.5.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-94_41-default-9-2.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-94_41-default-9-2.25.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-8-2.5.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-8-2.5.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
30 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 1 for SLE 12 SP4)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 4.12.14-95_3 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2019-15917: Fixed a use-after-free when hci_uart_register_dev() fails in hci_uart_set_proto() (bsc#1156334).\n- CVE-2018-20856: Fixed a use-after-free in block/blk-core.c due to improper error handling (bsc#1156331).\n- CVE-2019-13272: Fixed a privilege escalation from user to root due to improper handling of credentials by leveraging\n certain scenarios with a parent-child process relationship (bsc#1156321).\n- CVE-2018-16871: Fixed an issue where an attacker, who could mount an exported NFS filesystem, was able to trigger a \n null pointer dereference by using an invalid NFS sequence leading to kernel panic and deny of access to the NFS server\n (bsc#1156320). \n- CVE-2019-10220: Fixed an issue where samba servers could inject relative paths in directory entry lists (bsc#1153108).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-3252,SUSE-SLE-Live-Patching-12-SP4-2019-3252,SUSE-SLE-Live-Patching-12-SP4-2019-3253",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_3252-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:3252-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193252-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:3252-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2019-December/006236.html"
},
{
"category": "self",
"summary": "SUSE Bug 1153108",
"url": "https://bugzilla.suse.com/1153108"
},
{
"category": "self",
"summary": "SUSE Bug 1156320",
"url": "https://bugzilla.suse.com/1156320"
},
{
"category": "self",
"summary": "SUSE Bug 1156321",
"url": "https://bugzilla.suse.com/1156321"
},
{
"category": "self",
"summary": "SUSE Bug 1156331",
"url": "https://bugzilla.suse.com/1156331"
},
{
"category": "self",
"summary": "SUSE Bug 1156334",
"url": "https://bugzilla.suse.com/1156334"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16871 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16871/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-20856 page",
"url": "https://www.suse.com/security/cve/CVE-2018-20856/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-10220 page",
"url": "https://www.suse.com/security/cve/CVE-2019-10220/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13272 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13272/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-15917 page",
"url": "https://www.suse.com/security/cve/CVE-2019-15917/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 1 for SLE 12 SP4)",
"tracking": {
"current_release_date": "2019-12-11T10:09:04Z",
"generator": {
"date": "2019-12-11T10:09:04Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:3252-1",
"initial_release_date": "2019-12-11T10:09:04Z",
"revision_history": [
{
"date": "2019-12-11T10:09:04Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-94_41-default-9-2.25.1.ppc64le",
"product": {
"name": "kgraft-patch-4_12_14-94_41-default-9-2.25.1.ppc64le",
"product_id": "kgraft-patch-4_12_14-94_41-default-9-2.25.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-95_3-default-8-2.5.ppc64le",
"product": {
"name": "kgraft-patch-4_12_14-95_3-default-8-2.5.ppc64le",
"product_id": "kgraft-patch-4_12_14-95_3-default-8-2.5.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-94_41-default-9-2.25.1.x86_64",
"product": {
"name": "kgraft-patch-4_12_14-94_41-default-9-2.25.1.x86_64",
"product_id": "kgraft-patch-4_12_14-94_41-default-9-2.25.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-95_3-default-8-2.5.x86_64",
"product": {
"name": "kgraft-patch-4_12_14-95_3-default-8-2.5.x86_64",
"product_id": "kgraft-patch-4_12_14-95_3-default-8-2.5.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-94_41-default-9-2.25.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-94_41-default-9-2.25.1.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-94_41-default-9-2.25.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-94_41-default-9-2.25.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-94_41-default-9-2.25.1.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-94_41-default-9-2.25.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_3-default-8-2.5.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-8-2.5.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-95_3-default-8-2.5.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_3-default-8-2.5.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-8-2.5.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-95_3-default-8-2.5.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-94_41-default-9-2.25.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-94_41-default-9-2.25.1.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-94_41-default-9-2.25.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-94_41-default-9-2.25.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-94_41-default-9-2.25.1.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-94_41-default-9-2.25.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_3-default-8-2.5.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-8-2.5.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-95_3-default-8-2.5.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_3-default-8-2.5.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-8-2.5.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-95_3-default-8-2.5.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-16871",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16871"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the NFS server will be lost.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-94_41-default-9-2.25.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-94_41-default-9-2.25.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-8-2.5.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-8-2.5.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16871",
"url": "https://www.suse.com/security/cve/CVE-2018-16871"
},
{
"category": "external",
"summary": "SUSE Bug 1137103 for CVE-2018-16871",
"url": "https://bugzilla.suse.com/1137103"
},
{
"category": "external",
"summary": "SUSE Bug 1156320 for CVE-2018-16871",
"url": "https://bugzilla.suse.com/1156320"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-94_41-default-9-2.25.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-94_41-default-9-2.25.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-8-2.5.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-8-2.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-94_41-default-9-2.25.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-94_41-default-9-2.25.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-8-2.5.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-8-2.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-11T10:09:04Z",
"details": "moderate"
}
],
"title": "CVE-2018-16871"
},
{
"cve": "CVE-2018-20856",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-20856"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 4.18.7. In block/blk-core.c, there is an __blk_drain_queue() use-after-free because a certain error case is mishandled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-94_41-default-9-2.25.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-94_41-default-9-2.25.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-8-2.5.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-8-2.5.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-20856",
"url": "https://www.suse.com/security/cve/CVE-2018-20856"
},
{
"category": "external",
"summary": "SUSE Bug 1143048 for CVE-2018-20856",
"url": "https://bugzilla.suse.com/1143048"
},
{
"category": "external",
"summary": "SUSE Bug 1156331 for CVE-2018-20856",
"url": "https://bugzilla.suse.com/1156331"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-94_41-default-9-2.25.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-94_41-default-9-2.25.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-8-2.5.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-8-2.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-94_41-default-9-2.25.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-94_41-default-9-2.25.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-8-2.5.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-8-2.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-11T10:09:04Z",
"details": "important"
}
],
"title": "CVE-2018-20856"
},
{
"cve": "CVE-2019-10220",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-10220"
}
],
"notes": [
{
"category": "general",
"text": "Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-94_41-default-9-2.25.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-94_41-default-9-2.25.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-8-2.5.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-8-2.5.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-10220",
"url": "https://www.suse.com/security/cve/CVE-2019-10220"
},
{
"category": "external",
"summary": "SUSE Bug 1144903 for CVE-2019-10220",
"url": "https://bugzilla.suse.com/1144903"
},
{
"category": "external",
"summary": "SUSE Bug 1153108 for CVE-2019-10220",
"url": "https://bugzilla.suse.com/1153108"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-94_41-default-9-2.25.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-94_41-default-9-2.25.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-8-2.5.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-8-2.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-94_41-default-9-2.25.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-94_41-default-9-2.25.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-8-2.5.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-8-2.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-11T10:09:04Z",
"details": "moderate"
}
],
"title": "CVE-2019-10220"
},
{
"cve": "CVE-2019-13272",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13272"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). One contributing factor is an object lifetime issue (which can also cause a panic). Another contributing factor is incorrect marking of a ptrace relationship as privileged, which is exploitable through (for example) Polkit\u0027s pkexec helper with PTRACE_TRACEME. NOTE: SELinux deny_ptrace might be a usable workaround in some environments.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-94_41-default-9-2.25.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-94_41-default-9-2.25.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-8-2.5.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-8-2.5.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13272",
"url": "https://www.suse.com/security/cve/CVE-2019-13272"
},
{
"category": "external",
"summary": "SUSE Bug 1140671 for CVE-2019-13272",
"url": "https://bugzilla.suse.com/1140671"
},
{
"category": "external",
"summary": "SUSE Bug 1156321 for CVE-2019-13272",
"url": "https://bugzilla.suse.com/1156321"
},
{
"category": "external",
"summary": "SUSE Bug 1198122 for CVE-2019-13272",
"url": "https://bugzilla.suse.com/1198122"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-94_41-default-9-2.25.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-94_41-default-9-2.25.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-8-2.5.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-8-2.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-94_41-default-9-2.25.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-94_41-default-9-2.25.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-8-2.5.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-8-2.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-11T10:09:04Z",
"details": "moderate"
}
],
"title": "CVE-2019-13272"
},
{
"cve": "CVE-2019-15917",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-15917"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 5.0.5. There is a use-after-free issue when hci_uart_register_dev() fails in hci_uart_set_proto() in drivers/bluetooth/hci_ldisc.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-94_41-default-9-2.25.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-94_41-default-9-2.25.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-8-2.5.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-8-2.5.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-15917",
"url": "https://www.suse.com/security/cve/CVE-2019-15917"
},
{
"category": "external",
"summary": "SUSE Bug 1149539 for CVE-2019-15917",
"url": "https://bugzilla.suse.com/1149539"
},
{
"category": "external",
"summary": "SUSE Bug 1156334 for CVE-2019-15917",
"url": "https://bugzilla.suse.com/1156334"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-94_41-default-9-2.25.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-94_41-default-9-2.25.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-8-2.5.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-8-2.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-94_41-default-9-2.25.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-94_41-default-9-2.25.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-8-2.5.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-8-2.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-11T10:09:04Z",
"details": "important"
}
],
"title": "CVE-2019-15917"
}
]
}
SUSE-SU-2019:3255-1
Vulnerability from csaf_suse - Published: 2019-12-11 10:10 - Updated: 2019-12-11 10:10
Summary
Security update for the Linux Kernel (Live Patch 8 for SLE 12 SP4)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 8 for SLE 12 SP4)
Description of the patch: This update for the Linux Kernel 4.12.14-95_32 fixes several issues.
The following security issue was fixed:
- CVE-2019-10220: Fixed an issue where samba servers could inject relative paths in directory entry lists (bsc#1153108).
The following bugs were fixed:
- Fixed boot up hang revealed by int3 self test (bsc#1157770).
Patchnames: SUSE-2019-3255,SUSE-SLE-Live-Patching-12-SP4-2019-3255
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_32-default-3-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_32-default-3-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
10 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 8 for SLE 12 SP4)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 4.12.14-95_32 fixes several issues.\n\nThe following security issue was fixed:\n\n- CVE-2019-10220: Fixed an issue where samba servers could inject relative paths in directory entry lists (bsc#1153108).\n\nThe following bugs were fixed:\n\n- Fixed boot up hang revealed by int3 self test (bsc#1157770).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-3255,SUSE-SLE-Live-Patching-12-SP4-2019-3255",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_3255-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:3255-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193255-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:3255-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2019-December/006241.html"
},
{
"category": "self",
"summary": "SUSE Bug 1153108",
"url": "https://bugzilla.suse.com/1153108"
},
{
"category": "self",
"summary": "SUSE Bug 1157770",
"url": "https://bugzilla.suse.com/1157770"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-10220 page",
"url": "https://www.suse.com/security/cve/CVE-2019-10220/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 8 for SLE 12 SP4)",
"tracking": {
"current_release_date": "2019-12-11T10:10:16Z",
"generator": {
"date": "2019-12-11T10:10:16Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:3255-1",
"initial_release_date": "2019-12-11T10:10:16Z",
"revision_history": [
{
"date": "2019-12-11T10:10:16Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-95_32-default-3-2.1.ppc64le",
"product": {
"name": "kgraft-patch-4_12_14-95_32-default-3-2.1.ppc64le",
"product_id": "kgraft-patch-4_12_14-95_32-default-3-2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-95_32-default-3-2.1.x86_64",
"product": {
"name": "kgraft-patch-4_12_14-95_32-default-3-2.1.x86_64",
"product_id": "kgraft-patch-4_12_14-95_32-default-3-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_32-default-3-2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_32-default-3-2.1.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-95_32-default-3-2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_32-default-3-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_32-default-3-2.1.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-95_32-default-3-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-10220",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-10220"
}
],
"notes": [
{
"category": "general",
"text": "Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_32-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_32-default-3-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-10220",
"url": "https://www.suse.com/security/cve/CVE-2019-10220"
},
{
"category": "external",
"summary": "SUSE Bug 1144903 for CVE-2019-10220",
"url": "https://bugzilla.suse.com/1144903"
},
{
"category": "external",
"summary": "SUSE Bug 1153108 for CVE-2019-10220",
"url": "https://bugzilla.suse.com/1153108"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_32-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_32-default-3-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_32-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_32-default-3-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-11T10:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2019-10220"
}
]
}
SUSE-SU-2019:3258-1
Vulnerability from csaf_suse - Published: 2019-12-11 10:12 - Updated: 2019-12-11 10:12
Summary
Security update for the Linux Kernel (Live Patch 25 for SLE 12 SP3)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 25 for SLE 12 SP3)
Description of the patch: This update for the Linux Kernel 4.4.178-94_91 fixes several issues.
The following security issues were fixed:
- CVE-2018-20856: Fixed a use-after-free in block/blk-core.c due to improper error handling (bsc#1156331).
- CVE-2019-13272: Fixed a privilege escalation from user to root due to improper handling of credentials by leveraging
certain scenarios with a parent-child process relationship (bsc#1156321).
- CVE-2019-15239: Fixed a vulnerability where a local attacker could have triggered multiple use-after-free conditions
resulting in privilege escalation (bsc#1156317).
- CVE-2019-10220: Fixed an issue where samba servers could inject relative paths in directory entry lists (bsc#1153108).
Patchnames: SUSE-2019-3258,SUSE-SLE-SAP-12-SP3-2019-3256,SUSE-SLE-SAP-12-SP3-2019-3257,SUSE-SLE-SAP-12-SP3-2019-3258,SUSE-SLE-SERVER-12-SP3-2019-3256,SUSE-SLE-SERVER-12-SP3-2019-3257,SUSE-SLE-SERVER-12-SP3-2019-3258
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.4 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
25 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 25 for SLE 12 SP3)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 4.4.178-94_91 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2018-20856: Fixed a use-after-free in block/blk-core.c due to improper error handling (bsc#1156331).\n- CVE-2019-13272: Fixed a privilege escalation from user to root due to improper handling of credentials by leveraging\n certain scenarios with a parent-child process relationship (bsc#1156321).\n- CVE-2019-15239: Fixed a vulnerability where a local attacker could have triggered multiple use-after-free conditions \n resulting in privilege escalation (bsc#1156317).\n- CVE-2019-10220: Fixed an issue where Samba servers could inject relative paths in directory entry lists (bsc#1153108).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-3258,SUSE-SLE-SAP-12-SP3-2019-3256,SUSE-SLE-SAP-12-SP3-2019-3257,SUSE-SLE-SAP-12-SP3-2019-3258,SUSE-SLE-SERVER-12-SP3-2019-3256,SUSE-SLE-SERVER-12-SP3-2019-3257,SUSE-SLE-SERVER-12-SP3-2019-3258",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_3258-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:3258-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193258-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:3258-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2019-December/006244.html"
},
{
"category": "self",
"summary": "SUSE Bug 1153108",
"url": "https://bugzilla.suse.com/1153108"
},
{
"category": "self",
"summary": "SUSE Bug 1156317",
"url": "https://bugzilla.suse.com/1156317"
},
{
"category": "self",
"summary": "SUSE Bug 1156321",
"url": "https://bugzilla.suse.com/1156321"
},
{
"category": "self",
"summary": "SUSE Bug 1156331",
"url": "https://bugzilla.suse.com/1156331"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-20856 page",
"url": "https://www.suse.com/security/cve/CVE-2018-20856/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-10220 page",
"url": "https://www.suse.com/security/cve/CVE-2019-10220/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13272 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13272/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-15239 page",
"url": "https://www.suse.com/security/cve/CVE-2019-15239/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 25 for SLE 12 SP3)",
"tracking": {
"current_release_date": "2019-12-11T10:12:24Z",
"generator": {
"date": "2019-12-11T10:12:24Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:3258-1",
"initial_release_date": "2019-12-11T10:12:24Z",
"revision_history": [
{
"date": "2019-12-11T10:12:24Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le",
"product": {
"name": "kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le",
"product_id": "kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le",
"product": {
"name": "kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le",
"product_id": "kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le",
"product": {
"name": "kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le",
"product_id": "kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64",
"product": {
"name": "kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64",
"product_id": "kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64",
"product": {
"name": "kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64",
"product_id": "kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64",
"product": {
"name": "kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64",
"product_id": "kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le"
},
"product_reference": "kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64"
},
"product_reference": "kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le"
},
"product_reference": "kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64"
},
"product_reference": "kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le"
},
"product_reference": "kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64"
},
"product_reference": "kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le"
},
"product_reference": "kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64"
},
"product_reference": "kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le"
},
"product_reference": "kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64"
},
"product_reference": "kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le"
},
"product_reference": "kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64"
},
"product_reference": "kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le"
},
"product_reference": "kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64"
},
"product_reference": "kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le"
},
"product_reference": "kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64"
},
"product_reference": "kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le"
},
"product_reference": "kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64"
},
"product_reference": "kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le"
},
"product_reference": "kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64"
},
"product_reference": "kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le"
},
"product_reference": "kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64"
},
"product_reference": "kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le"
},
"product_reference": "kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64"
},
"product_reference": "kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le"
},
"product_reference": "kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64"
},
"product_reference": "kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le"
},
"product_reference": "kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64"
},
"product_reference": "kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le"
},
"product_reference": "kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64"
},
"product_reference": "kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le"
},
"product_reference": "kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64"
},
"product_reference": "kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le"
},
"product_reference": "kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64"
},
"product_reference": "kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le"
},
"product_reference": "kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64"
},
"product_reference": "kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-20856",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-20856"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 4.18.7. In block/blk-core.c, there is an __blk_drain_queue() use-after-free because a certain error case is mishandled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-20856",
"url": "https://www.suse.com/security/cve/CVE-2018-20856"
},
{
"category": "external",
"summary": "SUSE Bug 1143048 for CVE-2018-20856",
"url": "https://bugzilla.suse.com/1143048"
},
{
"category": "external",
"summary": "SUSE Bug 1156331 for CVE-2018-20856",
"url": "https://bugzilla.suse.com/1156331"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-11T10:12:24Z",
"details": "important"
}
],
"title": "CVE-2018-20856"
},
{
"cve": "CVE-2019-10220",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-10220"
}
],
"notes": [
{
"category": "general",
"text": "Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-10220",
"url": "https://www.suse.com/security/cve/CVE-2019-10220"
},
{
"category": "external",
"summary": "SUSE Bug 1144903 for CVE-2019-10220",
"url": "https://bugzilla.suse.com/1144903"
},
{
"category": "external",
"summary": "SUSE Bug 1153108 for CVE-2019-10220",
"url": "https://bugzilla.suse.com/1153108"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-11T10:12:24Z",
"details": "moderate"
}
],
"title": "CVE-2019-10220"
},
{
"cve": "CVE-2019-13272",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13272"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). One contributing factor is an object lifetime issue (which can also cause a panic). Another contributing factor is incorrect marking of a ptrace relationship as privileged, which is exploitable through (for example) Polkit\u0027s pkexec helper with PTRACE_TRACEME. NOTE: SELinux deny_ptrace might be a usable workaround in some environments.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13272",
"url": "https://www.suse.com/security/cve/CVE-2019-13272"
},
{
"category": "external",
"summary": "SUSE Bug 1140671 for CVE-2019-13272",
"url": "https://bugzilla.suse.com/1140671"
},
{
"category": "external",
"summary": "SUSE Bug 1156321 for CVE-2019-13272",
"url": "https://bugzilla.suse.com/1156321"
},
{
"category": "external",
"summary": "SUSE Bug 1198122 for CVE-2019-13272",
"url": "https://bugzilla.suse.com/1198122"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-11T10:12:24Z",
"details": "moderate"
}
],
"title": "CVE-2019-13272"
},
{
"cve": "CVE-2019-15239",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-15239"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, a certain net/ipv4/tcp_output.c change, which was properly incorporated into 4.16.12, was incorrectly backported to the earlier longterm kernels, introducing a new vulnerability that was potentially more severe than the issue that was intended to be fixed by backporting. Specifically, by adding to a write queue between disconnection and re-connection, a local attacker can trigger multiple use-after-free conditions. This can result in a kernel crash, or potentially in privilege escalation. NOTE: this affects (for example) Linux distributions that use 4.9.x longterm kernels before 4.9.190 or 4.14.x longterm kernels before 4.14.139.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-15239",
"url": "https://www.suse.com/security/cve/CVE-2019-15239"
},
{
"category": "external",
"summary": "SUSE Bug 1146589 for CVE-2019-15239",
"url": "https://bugzilla.suse.com/1146589"
},
{
"category": "external",
"summary": "SUSE Bug 1156317 for CVE-2019-15239",
"url": "https://bugzilla.suse.com/1156317"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_175-94_79-default-7-2.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_175-94_79-default-7-2.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_176-94_88-default-6-2.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_176-94_88-default-6-2.5.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_178-94_91-default-6-2.5.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_178-94_91-default-6-2.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-12-11T10:12:24Z",
"details": "moderate"
}
],
"title": "CVE-2019-15239"
}
]
}
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.