SUSE-SU-2022:2478-1
Vulnerability from csaf_suse - Published: 2022-07-21 09:20 - Updated: 2022-07-21 09:20Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch: The SUSE Linux Enterprise 12 SP3 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2022-29900, CVE-2022-29901: Fixed the RETBLEED attack, a new Spectre like Branch Target Buffer attack, that can leak arbitrary kernel information (bsc#1199657).
- CVE-2022-1679: Fixed a use-after-free in the Atheros wireless driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages (bsc#1199487).
- CVE-2022-20132: Fixed out of bounds read due to improper input validation in lg_probe and related functions of hid-lg.c (bsc#1200619).
- CVE-2022-33981: Fixed use-after-free in floppy driver (bsc#1200692)
- CVE-2022-20141: Fixed a possible use after free due to improper locking in ip_check_mc_rcu() (bsc#1200604).
- CVE-2021-4157: Fixed an out of memory bounds write flaw in the NFS subsystem, related to the replication of files with NFS. A user could potentially crash the system or escalate privileges on the system (bsc#1194013).
- CVE-2021-26341: Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage (bsc#1201050).
- CVE-2017-16525: Fixed a use-after-free after failed setup in usb/serial/console (bsc#1066618).
The following non-security bugs were fixed:
- exec: Force single empty string when argv is empty (bsc#1200571).
Patchnames: SUSE-2022-2478,SUSE-SLE-SERVER-12-SP3-BCL-2022-2478
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
4.6 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
4.7 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
4.9 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
4.7 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
4.7 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "The SUSE Linux Enterprise 12 SP3 kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2022-29900, CVE-2022-29901: Fixed the RETBLEED attack, a new Spectre like Branch Target Buffer attack, that can leak arbitrary kernel information (bsc#1199657).\n- CVE-2022-1679: Fixed a use-after-free in the Atheros wireless driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages (bsc#1199487).\n- CVE-2022-20132: Fixed out of bounds read due to improper input validation in lg_probe and related functions of hid-lg.c (bsc#1200619).\n- CVE-2022-33981: Fixed use-after-free in floppy driver (bsc#1200692)\n- CVE-2022-20141: Fixed a possible use after free due to improper locking in ip_check_mc_rcu() (bsc#1200604).\n- CVE-2021-4157: Fixed an out of memory bounds write flaw in the NFS subsystem, related to the replication of files with NFS. A user could potentially crash the system or escalate privileges on the system (bsc#1194013).\n- CVE-2021-26341: Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage (bsc#1201050).\n- CVE-2017-16525: Fixed a use-after-free after failed setup in usb/serial/console (bsc#1066618).\n\nThe following non-security bugs were fixed:\n\n- exec: Force single empty string when argv is empty (bsc#1200571).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-2478,SUSE-SLE-SERVER-12-SP3-BCL-2022-2478",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_2478-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:2478-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222478-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:2478-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-July/011611.html"
},
{
"category": "self",
"summary": "SUSE Bug 1066618",
"url": "https://bugzilla.suse.com/1066618"
},
{
"category": "self",
"summary": "SUSE Bug 1146519",
"url": "https://bugzilla.suse.com/1146519"
},
{
"category": "self",
"summary": "SUSE Bug 1194013",
"url": "https://bugzilla.suse.com/1194013"
},
{
"category": "self",
"summary": "SUSE Bug 1196901",
"url": "https://bugzilla.suse.com/1196901"
},
{
"category": "self",
"summary": "SUSE Bug 1199487",
"url": "https://bugzilla.suse.com/1199487"
},
{
"category": "self",
"summary": "SUSE Bug 1199657",
"url": "https://bugzilla.suse.com/1199657"
},
{
"category": "self",
"summary": "SUSE Bug 1200571",
"url": "https://bugzilla.suse.com/1200571"
},
{
"category": "self",
"summary": "SUSE Bug 1200604",
"url": "https://bugzilla.suse.com/1200604"
},
{
"category": "self",
"summary": "SUSE Bug 1200605",
"url": "https://bugzilla.suse.com/1200605"
},
{
"category": "self",
"summary": "SUSE Bug 1200619",
"url": "https://bugzilla.suse.com/1200619"
},
{
"category": "self",
"summary": "SUSE Bug 1200692",
"url": "https://bugzilla.suse.com/1200692"
},
{
"category": "self",
"summary": "SUSE Bug 1201050",
"url": "https://bugzilla.suse.com/1201050"
},
{
"category": "self",
"summary": "SUSE Bug 1201080",
"url": "https://bugzilla.suse.com/1201080"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-16525 page",
"url": "https://www.suse.com/security/cve/CVE-2017-16525/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-26341 page",
"url": "https://www.suse.com/security/cve/CVE-2021-26341/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-4157 page",
"url": "https://www.suse.com/security/cve/CVE-2021-4157/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-1679 page",
"url": "https://www.suse.com/security/cve/CVE-2022-1679/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-20132 page",
"url": "https://www.suse.com/security/cve/CVE-2022-20132/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-20141 page",
"url": "https://www.suse.com/security/cve/CVE-2022-20141/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-29900 page",
"url": "https://www.suse.com/security/cve/CVE-2022-29900/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-29901 page",
"url": "https://www.suse.com/security/cve/CVE-2022-29901/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-33981 page",
"url": "https://www.suse.com/security/cve/CVE-2022-33981/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2022-07-21T09:20:18Z",
"generator": {
"date": "2022-07-21T09:20:18Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:2478-1",
"initial_release_date": "2022-07-21T09:20:18Z",
"revision_history": [
{
"date": "2022-07-21T09:20:18Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.4.180-94.167.1.aarch64",
"product": {
"name": "cluster-md-kmp-default-4.4.180-94.167.1.aarch64",
"product_id": "cluster-md-kmp-default-4.4.180-94.167.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.4.180-94.167.1.aarch64",
"product": {
"name": "dlm-kmp-default-4.4.180-94.167.1.aarch64",
"product_id": "dlm-kmp-default-4.4.180-94.167.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.4.180-94.167.1.aarch64",
"product": {
"name": "gfs2-kmp-default-4.4.180-94.167.1.aarch64",
"product_id": "gfs2-kmp-default-4.4.180-94.167.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.4.180-94.167.1.aarch64",
"product": {
"name": "kernel-default-4.4.180-94.167.1.aarch64",
"product_id": "kernel-default-4.4.180-94.167.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.180-94.167.1.aarch64",
"product": {
"name": "kernel-default-base-4.4.180-94.167.1.aarch64",
"product_id": "kernel-default-base-4.4.180-94.167.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.180-94.167.1.aarch64",
"product": {
"name": "kernel-default-devel-4.4.180-94.167.1.aarch64",
"product_id": "kernel-default-devel-4.4.180-94.167.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.4.180-94.167.1.aarch64",
"product": {
"name": "kernel-default-extra-4.4.180-94.167.1.aarch64",
"product_id": "kernel-default-extra-4.4.180-94.167.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.4.180-94.167.1.aarch64",
"product": {
"name": "kernel-default-kgraft-4.4.180-94.167.1.aarch64",
"product_id": "kernel-default-kgraft-4.4.180-94.167.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.4.180-94.167.1.aarch64",
"product": {
"name": "kernel-obs-build-4.4.180-94.167.1.aarch64",
"product_id": "kernel-obs-build-4.4.180-94.167.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.4.180-94.167.1.aarch64",
"product": {
"name": "kernel-obs-qa-4.4.180-94.167.1.aarch64",
"product_id": "kernel-obs-qa-4.4.180-94.167.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.180-94.167.1.aarch64",
"product": {
"name": "kernel-syms-4.4.180-94.167.1.aarch64",
"product_id": "kernel-syms-4.4.180-94.167.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.4.180-94.167.1.aarch64",
"product": {
"name": "kernel-vanilla-4.4.180-94.167.1.aarch64",
"product_id": "kernel-vanilla-4.4.180-94.167.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.4.180-94.167.1.aarch64",
"product": {
"name": "kernel-vanilla-base-4.4.180-94.167.1.aarch64",
"product_id": "kernel-vanilla-base-4.4.180-94.167.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.4.180-94.167.1.aarch64",
"product": {
"name": "kernel-vanilla-devel-4.4.180-94.167.1.aarch64",
"product_id": "kernel-vanilla-devel-4.4.180-94.167.1.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.4.180-94.167.1.aarch64",
"product": {
"name": "kselftests-kmp-default-4.4.180-94.167.1.aarch64",
"product_id": "kselftests-kmp-default-4.4.180-94.167.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.4.180-94.167.1.aarch64",
"product": {
"name": "ocfs2-kmp-default-4.4.180-94.167.1.aarch64",
"product_id": "ocfs2-kmp-default-4.4.180-94.167.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-4.4.180-94.167.1.noarch",
"product": {
"name": "kernel-devel-4.4.180-94.167.1.noarch",
"product_id": "kernel-devel-4.4.180-94.167.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-4.4.180-94.167.1.noarch",
"product": {
"name": "kernel-docs-4.4.180-94.167.1.noarch",
"product_id": "kernel-docs-4.4.180-94.167.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-html-4.4.180-94.167.1.noarch",
"product": {
"name": "kernel-docs-html-4.4.180-94.167.1.noarch",
"product_id": "kernel-docs-html-4.4.180-94.167.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-pdf-4.4.180-94.167.1.noarch",
"product": {
"name": "kernel-docs-pdf-4.4.180-94.167.1.noarch",
"product_id": "kernel-docs-pdf-4.4.180-94.167.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-4.4.180-94.167.1.noarch",
"product": {
"name": "kernel-macros-4.4.180-94.167.1.noarch",
"product_id": "kernel-macros-4.4.180-94.167.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-4.4.180-94.167.1.noarch",
"product": {
"name": "kernel-source-4.4.180-94.167.1.noarch",
"product_id": "kernel-source-4.4.180-94.167.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-4.4.180-94.167.1.noarch",
"product": {
"name": "kernel-source-vanilla-4.4.180-94.167.1.noarch",
"product_id": "kernel-source-vanilla-4.4.180-94.167.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-debug-4.4.180-94.167.1.ppc64le",
"product": {
"name": "cluster-md-kmp-debug-4.4.180-94.167.1.ppc64le",
"product_id": "cluster-md-kmp-debug-4.4.180-94.167.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.4.180-94.167.1.ppc64le",
"product": {
"name": "cluster-md-kmp-default-4.4.180-94.167.1.ppc64le",
"product_id": "cluster-md-kmp-default-4.4.180-94.167.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-debug-4.4.180-94.167.1.ppc64le",
"product": {
"name": "dlm-kmp-debug-4.4.180-94.167.1.ppc64le",
"product_id": "dlm-kmp-debug-4.4.180-94.167.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.4.180-94.167.1.ppc64le",
"product": {
"name": "dlm-kmp-default-4.4.180-94.167.1.ppc64le",
"product_id": "dlm-kmp-default-4.4.180-94.167.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-debug-4.4.180-94.167.1.ppc64le",
"product": {
"name": "gfs2-kmp-debug-4.4.180-94.167.1.ppc64le",
"product_id": "gfs2-kmp-debug-4.4.180-94.167.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.4.180-94.167.1.ppc64le",
"product": {
"name": "gfs2-kmp-default-4.4.180-94.167.1.ppc64le",
"product_id": "gfs2-kmp-default-4.4.180-94.167.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-4.4.180-94.167.1.ppc64le",
"product": {
"name": "kernel-debug-4.4.180-94.167.1.ppc64le",
"product_id": "kernel-debug-4.4.180-94.167.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-4.4.180-94.167.1.ppc64le",
"product": {
"name": "kernel-debug-base-4.4.180-94.167.1.ppc64le",
"product_id": "kernel-debug-base-4.4.180-94.167.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-4.4.180-94.167.1.ppc64le",
"product": {
"name": "kernel-debug-devel-4.4.180-94.167.1.ppc64le",
"product_id": "kernel-debug-devel-4.4.180-94.167.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-extra-4.4.180-94.167.1.ppc64le",
"product": {
"name": "kernel-debug-extra-4.4.180-94.167.1.ppc64le",
"product_id": "kernel-debug-extra-4.4.180-94.167.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-kgraft-4.4.180-94.167.1.ppc64le",
"product": {
"name": "kernel-debug-kgraft-4.4.180-94.167.1.ppc64le",
"product_id": "kernel-debug-kgraft-4.4.180-94.167.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-4.4.180-94.167.1.ppc64le",
"product": {
"name": "kernel-default-4.4.180-94.167.1.ppc64le",
"product_id": "kernel-default-4.4.180-94.167.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.180-94.167.1.ppc64le",
"product": {
"name": "kernel-default-base-4.4.180-94.167.1.ppc64le",
"product_id": "kernel-default-base-4.4.180-94.167.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.180-94.167.1.ppc64le",
"product": {
"name": "kernel-default-devel-4.4.180-94.167.1.ppc64le",
"product_id": "kernel-default-devel-4.4.180-94.167.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.4.180-94.167.1.ppc64le",
"product": {
"name": "kernel-default-extra-4.4.180-94.167.1.ppc64le",
"product_id": "kernel-default-extra-4.4.180-94.167.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.4.180-94.167.1.ppc64le",
"product": {
"name": "kernel-default-kgraft-4.4.180-94.167.1.ppc64le",
"product_id": "kernel-default-kgraft-4.4.180-94.167.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.4.180-94.167.1.ppc64le",
"product": {
"name": "kernel-obs-build-4.4.180-94.167.1.ppc64le",
"product_id": "kernel-obs-build-4.4.180-94.167.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.4.180-94.167.1.ppc64le",
"product": {
"name": "kernel-obs-qa-4.4.180-94.167.1.ppc64le",
"product_id": "kernel-obs-qa-4.4.180-94.167.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.180-94.167.1.ppc64le",
"product": {
"name": "kernel-syms-4.4.180-94.167.1.ppc64le",
"product_id": "kernel-syms-4.4.180-94.167.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.4.180-94.167.1.ppc64le",
"product": {
"name": "kernel-vanilla-4.4.180-94.167.1.ppc64le",
"product_id": "kernel-vanilla-4.4.180-94.167.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.4.180-94.167.1.ppc64le",
"product": {
"name": "kernel-vanilla-base-4.4.180-94.167.1.ppc64le",
"product_id": "kernel-vanilla-base-4.4.180-94.167.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.4.180-94.167.1.ppc64le",
"product": {
"name": "kernel-vanilla-devel-4.4.180-94.167.1.ppc64le",
"product_id": "kernel-vanilla-devel-4.4.180-94.167.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-debug-4.4.180-94.167.1.ppc64le",
"product": {
"name": "kselftests-kmp-debug-4.4.180-94.167.1.ppc64le",
"product_id": "kselftests-kmp-debug-4.4.180-94.167.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.4.180-94.167.1.ppc64le",
"product": {
"name": "kselftests-kmp-default-4.4.180-94.167.1.ppc64le",
"product_id": "kselftests-kmp-default-4.4.180-94.167.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-debug-4.4.180-94.167.1.ppc64le",
"product": {
"name": "ocfs2-kmp-debug-4.4.180-94.167.1.ppc64le",
"product_id": "ocfs2-kmp-debug-4.4.180-94.167.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.4.180-94.167.1.ppc64le",
"product": {
"name": "ocfs2-kmp-default-4.4.180-94.167.1.ppc64le",
"product_id": "ocfs2-kmp-default-4.4.180-94.167.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.4.180-94.167.1.s390x",
"product": {
"name": "cluster-md-kmp-default-4.4.180-94.167.1.s390x",
"product_id": "cluster-md-kmp-default-4.4.180-94.167.1.s390x"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.4.180-94.167.1.s390x",
"product": {
"name": "dlm-kmp-default-4.4.180-94.167.1.s390x",
"product_id": "dlm-kmp-default-4.4.180-94.167.1.s390x"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.4.180-94.167.1.s390x",
"product": {
"name": "gfs2-kmp-default-4.4.180-94.167.1.s390x",
"product_id": "gfs2-kmp-default-4.4.180-94.167.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-4.4.180-94.167.1.s390x",
"product": {
"name": "kernel-default-4.4.180-94.167.1.s390x",
"product_id": "kernel-default-4.4.180-94.167.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.180-94.167.1.s390x",
"product": {
"name": "kernel-default-base-4.4.180-94.167.1.s390x",
"product_id": "kernel-default-base-4.4.180-94.167.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.180-94.167.1.s390x",
"product": {
"name": "kernel-default-devel-4.4.180-94.167.1.s390x",
"product_id": "kernel-default-devel-4.4.180-94.167.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.4.180-94.167.1.s390x",
"product": {
"name": "kernel-default-extra-4.4.180-94.167.1.s390x",
"product_id": "kernel-default-extra-4.4.180-94.167.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.4.180-94.167.1.s390x",
"product": {
"name": "kernel-default-kgraft-4.4.180-94.167.1.s390x",
"product_id": "kernel-default-kgraft-4.4.180-94.167.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-man-4.4.180-94.167.1.s390x",
"product": {
"name": "kernel-default-man-4.4.180-94.167.1.s390x",
"product_id": "kernel-default-man-4.4.180-94.167.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.4.180-94.167.1.s390x",
"product": {
"name": "kernel-obs-build-4.4.180-94.167.1.s390x",
"product_id": "kernel-obs-build-4.4.180-94.167.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.4.180-94.167.1.s390x",
"product": {
"name": "kernel-obs-qa-4.4.180-94.167.1.s390x",
"product_id": "kernel-obs-qa-4.4.180-94.167.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.180-94.167.1.s390x",
"product": {
"name": "kernel-syms-4.4.180-94.167.1.s390x",
"product_id": "kernel-syms-4.4.180-94.167.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.4.180-94.167.1.s390x",
"product": {
"name": "kernel-vanilla-4.4.180-94.167.1.s390x",
"product_id": "kernel-vanilla-4.4.180-94.167.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.4.180-94.167.1.s390x",
"product": {
"name": "kernel-vanilla-base-4.4.180-94.167.1.s390x",
"product_id": "kernel-vanilla-base-4.4.180-94.167.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.4.180-94.167.1.s390x",
"product": {
"name": "kernel-vanilla-devel-4.4.180-94.167.1.s390x",
"product_id": "kernel-vanilla-devel-4.4.180-94.167.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-4.4.180-94.167.1.s390x",
"product": {
"name": "kernel-zfcpdump-4.4.180-94.167.1.s390x",
"product_id": "kernel-zfcpdump-4.4.180-94.167.1.s390x"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.4.180-94.167.1.s390x",
"product": {
"name": "kselftests-kmp-default-4.4.180-94.167.1.s390x",
"product_id": "kselftests-kmp-default-4.4.180-94.167.1.s390x"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.4.180-94.167.1.s390x",
"product": {
"name": "ocfs2-kmp-default-4.4.180-94.167.1.s390x",
"product_id": "ocfs2-kmp-default-4.4.180-94.167.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-debug-4.4.180-94.167.1.x86_64",
"product": {
"name": "cluster-md-kmp-debug-4.4.180-94.167.1.x86_64",
"product_id": "cluster-md-kmp-debug-4.4.180-94.167.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.4.180-94.167.1.x86_64",
"product": {
"name": "cluster-md-kmp-default-4.4.180-94.167.1.x86_64",
"product_id": "cluster-md-kmp-default-4.4.180-94.167.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-debug-4.4.180-94.167.1.x86_64",
"product": {
"name": "dlm-kmp-debug-4.4.180-94.167.1.x86_64",
"product_id": "dlm-kmp-debug-4.4.180-94.167.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.4.180-94.167.1.x86_64",
"product": {
"name": "dlm-kmp-default-4.4.180-94.167.1.x86_64",
"product_id": "dlm-kmp-default-4.4.180-94.167.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-debug-4.4.180-94.167.1.x86_64",
"product": {
"name": "gfs2-kmp-debug-4.4.180-94.167.1.x86_64",
"product_id": "gfs2-kmp-debug-4.4.180-94.167.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.4.180-94.167.1.x86_64",
"product": {
"name": "gfs2-kmp-default-4.4.180-94.167.1.x86_64",
"product_id": "gfs2-kmp-default-4.4.180-94.167.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-4.4.180-94.167.1.x86_64",
"product": {
"name": "kernel-debug-4.4.180-94.167.1.x86_64",
"product_id": "kernel-debug-4.4.180-94.167.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-4.4.180-94.167.1.x86_64",
"product": {
"name": "kernel-debug-base-4.4.180-94.167.1.x86_64",
"product_id": "kernel-debug-base-4.4.180-94.167.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-4.4.180-94.167.1.x86_64",
"product": {
"name": "kernel-debug-devel-4.4.180-94.167.1.x86_64",
"product_id": "kernel-debug-devel-4.4.180-94.167.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-extra-4.4.180-94.167.1.x86_64",
"product": {
"name": "kernel-debug-extra-4.4.180-94.167.1.x86_64",
"product_id": "kernel-debug-extra-4.4.180-94.167.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-kgraft-4.4.180-94.167.1.x86_64",
"product": {
"name": "kernel-debug-kgraft-4.4.180-94.167.1.x86_64",
"product_id": "kernel-debug-kgraft-4.4.180-94.167.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.4.180-94.167.1.x86_64",
"product": {
"name": "kernel-default-4.4.180-94.167.1.x86_64",
"product_id": "kernel-default-4.4.180-94.167.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.180-94.167.1.x86_64",
"product": {
"name": "kernel-default-base-4.4.180-94.167.1.x86_64",
"product_id": "kernel-default-base-4.4.180-94.167.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.180-94.167.1.x86_64",
"product": {
"name": "kernel-default-devel-4.4.180-94.167.1.x86_64",
"product_id": "kernel-default-devel-4.4.180-94.167.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.4.180-94.167.1.x86_64",
"product": {
"name": "kernel-default-extra-4.4.180-94.167.1.x86_64",
"product_id": "kernel-default-extra-4.4.180-94.167.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.4.180-94.167.1.x86_64",
"product": {
"name": "kernel-default-kgraft-4.4.180-94.167.1.x86_64",
"product_id": "kernel-default-kgraft-4.4.180-94.167.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.4.180-94.167.1.x86_64",
"product": {
"name": "kernel-obs-build-4.4.180-94.167.1.x86_64",
"product_id": "kernel-obs-build-4.4.180-94.167.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.4.180-94.167.1.x86_64",
"product": {
"name": "kernel-obs-qa-4.4.180-94.167.1.x86_64",
"product_id": "kernel-obs-qa-4.4.180-94.167.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.180-94.167.1.x86_64",
"product": {
"name": "kernel-syms-4.4.180-94.167.1.x86_64",
"product_id": "kernel-syms-4.4.180-94.167.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.4.180-94.167.1.x86_64",
"product": {
"name": "kernel-vanilla-4.4.180-94.167.1.x86_64",
"product_id": "kernel-vanilla-4.4.180-94.167.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.4.180-94.167.1.x86_64",
"product": {
"name": "kernel-vanilla-base-4.4.180-94.167.1.x86_64",
"product_id": "kernel-vanilla-base-4.4.180-94.167.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.4.180-94.167.1.x86_64",
"product": {
"name": "kernel-vanilla-devel-4.4.180-94.167.1.x86_64",
"product_id": "kernel-vanilla-devel-4.4.180-94.167.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-debug-4.4.180-94.167.1.x86_64",
"product": {
"name": "kselftests-kmp-debug-4.4.180-94.167.1.x86_64",
"product_id": "kselftests-kmp-debug-4.4.180-94.167.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.4.180-94.167.1.x86_64",
"product": {
"name": "kselftests-kmp-default-4.4.180-94.167.1.x86_64",
"product_id": "kselftests-kmp-default-4.4.180-94.167.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-debug-4.4.180-94.167.1.x86_64",
"product": {
"name": "ocfs2-kmp-debug-4.4.180-94.167.1.x86_64",
"product_id": "ocfs2-kmp-debug-4.4.180-94.167.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.4.180-94.167.1.x86_64",
"product": {
"name": "ocfs2-kmp-default-4.4.180-94.167.1.x86_64",
"product_id": "ocfs2-kmp-default-4.4.180-94.167.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP3-BCL",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-bcl:12:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.180-94.167.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.167.1.x86_64"
},
"product_reference": "kernel-default-4.4.180-94.167.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.180-94.167.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.167.1.x86_64"
},
"product_reference": "kernel-default-base-4.4.180-94.167.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.180-94.167.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.167.1.x86_64"
},
"product_reference": "kernel-default-devel-4.4.180-94.167.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.4.180-94.167.1.noarch as component of SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.167.1.noarch"
},
"product_reference": "kernel-devel-4.4.180-94.167.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.4.180-94.167.1.noarch as component of SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.167.1.noarch"
},
"product_reference": "kernel-macros-4.4.180-94.167.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.4.180-94.167.1.noarch as component of SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.167.1.noarch"
},
"product_reference": "kernel-source-4.4.180-94.167.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.180-94.167.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.167.1.x86_64"
},
"product_reference": "kernel-syms-4.4.180-94.167.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-16525",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-16525"
}
],
"notes": [
{
"category": "general",
"text": "The usb_serial_console_disconnect function in drivers/usb/serial/console.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device, related to disconnection and failed setup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.167.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-16525",
"url": "https://www.suse.com/security/cve/CVE-2017-16525"
},
{
"category": "external",
"summary": "SUSE Bug 1066618 for CVE-2017-16525",
"url": "https://bugzilla.suse.com/1066618"
},
{
"category": "external",
"summary": "SUSE Bug 1146519 for CVE-2017-16525",
"url": "https://bugzilla.suse.com/1146519"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.167.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.167.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-07-21T09:20:18Z",
"details": "moderate"
}
],
"title": "CVE-2017-16525"
},
{
"cve": "CVE-2021-26341",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-26341"
}
],
"notes": [
{
"category": "general",
"text": "Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.167.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-26341",
"url": "https://www.suse.com/security/cve/CVE-2021-26341"
},
{
"category": "external",
"summary": "SUSE Bug 1191580 for CVE-2021-26341",
"url": "https://bugzilla.suse.com/1191580"
},
{
"category": "external",
"summary": "SUSE Bug 1196901 for CVE-2021-26341",
"url": "https://bugzilla.suse.com/1196901"
},
{
"category": "external",
"summary": "SUSE Bug 1201050 for CVE-2021-26341",
"url": "https://bugzilla.suse.com/1201050"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.167.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.167.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-07-21T09:20:18Z",
"details": "moderate"
}
],
"title": "CVE-2021-26341"
},
{
"cve": "CVE-2021-4157",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-4157"
}
],
"notes": [
{
"category": "general",
"text": "An out of memory bounds write flaw (1 or 2 bytes of memory) in the Linux kernel NFS subsystem was found in the way users use mirroring (replication of files with NFS). A user, having access to the NFS mount, could potentially use this flaw to crash the system or escalate privileges on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.167.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-4157",
"url": "https://www.suse.com/security/cve/CVE-2021-4157"
},
{
"category": "external",
"summary": "SUSE Bug 1194013 for CVE-2021-4157",
"url": "https://bugzilla.suse.com/1194013"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.167.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.4,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.167.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-07-21T09:20:18Z",
"details": "moderate"
}
],
"title": "CVE-2021-4157"
},
{
"cve": "CVE-2022-1679",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-1679"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free flaw was found in the Linux kernel\u0027s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.167.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-1679",
"url": "https://www.suse.com/security/cve/CVE-2022-1679"
},
{
"category": "external",
"summary": "SUSE Bug 1199487 for CVE-2022-1679",
"url": "https://bugzilla.suse.com/1199487"
},
{
"category": "external",
"summary": "SUSE Bug 1201080 for CVE-2022-1679",
"url": "https://bugzilla.suse.com/1201080"
},
{
"category": "external",
"summary": "SUSE Bug 1201832 for CVE-2022-1679",
"url": "https://bugzilla.suse.com/1201832"
},
{
"category": "external",
"summary": "SUSE Bug 1204132 for CVE-2022-1679",
"url": "https://bugzilla.suse.com/1204132"
},
{
"category": "external",
"summary": "SUSE Bug 1212316 for CVE-2022-1679",
"url": "https://bugzilla.suse.com/1212316"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.167.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.167.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-07-21T09:20:18Z",
"details": "important"
}
],
"title": "CVE-2022-1679"
},
{
"cve": "CVE-2022-20132",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-20132"
}
],
"notes": [
{
"category": "general",
"text": "In lg_probe and related functions of hid-lg.c and other USB HID files, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure if a malicious USB HID device were plugged in, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-188677105References: Upstream kernel",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.167.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-20132",
"url": "https://www.suse.com/security/cve/CVE-2022-20132"
},
{
"category": "external",
"summary": "SUSE Bug 1200619 for CVE-2022-20132",
"url": "https://bugzilla.suse.com/1200619"
},
{
"category": "external",
"summary": "SUSE Bug 1212287 for CVE-2022-20132",
"url": "https://bugzilla.suse.com/1212287"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.167.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.167.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-07-21T09:20:18Z",
"details": "moderate"
}
],
"title": "CVE-2022-20132"
},
{
"cve": "CVE-2022-20141",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-20141"
}
],
"notes": [
{
"category": "general",
"text": "In ip_check_mc_rcu of igmp.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege when opening and closing inet sockets with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-112551163References: Upstream kernel",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.167.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-20141",
"url": "https://www.suse.com/security/cve/CVE-2022-20141"
},
{
"category": "external",
"summary": "SUSE Bug 1200604 for CVE-2022-20141",
"url": "https://bugzilla.suse.com/1200604"
},
{
"category": "external",
"summary": "SUSE Bug 1200605 for CVE-2022-20141",
"url": "https://bugzilla.suse.com/1200605"
},
{
"category": "external",
"summary": "SUSE Bug 1203034 for CVE-2022-20141",
"url": "https://bugzilla.suse.com/1203034"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.167.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.167.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-07-21T09:20:18Z",
"details": "important"
}
],
"title": "CVE-2022-20141"
},
{
"cve": "CVE-2022-29900",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-29900"
}
],
"notes": [
{
"category": "general",
"text": "Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.167.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-29900",
"url": "https://www.suse.com/security/cve/CVE-2022-29900"
},
{
"category": "external",
"summary": "SUSE Bug 1199657 for CVE-2022-29900",
"url": "https://bugzilla.suse.com/1199657"
},
{
"category": "external",
"summary": "SUSE Bug 1201469 for CVE-2022-29900",
"url": "https://bugzilla.suse.com/1201469"
},
{
"category": "external",
"summary": "SUSE Bug 1207894 for CVE-2022-29900",
"url": "https://bugzilla.suse.com/1207894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.167.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.167.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-07-21T09:20:18Z",
"details": "moderate"
}
],
"title": "CVE-2022-29900"
},
{
"cve": "CVE-2022-29901",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-29901"
}
],
"notes": [
{
"category": "general",
"text": "Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.167.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-29901",
"url": "https://www.suse.com/security/cve/CVE-2022-29901"
},
{
"category": "external",
"summary": "SUSE Bug 1199657 for CVE-2022-29901",
"url": "https://bugzilla.suse.com/1199657"
},
{
"category": "external",
"summary": "SUSE Bug 1201469 for CVE-2022-29901",
"url": "https://bugzilla.suse.com/1201469"
},
{
"category": "external",
"summary": "SUSE Bug 1207894 for CVE-2022-29901",
"url": "https://bugzilla.suse.com/1207894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.167.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.167.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-07-21T09:20:18Z",
"details": "moderate"
}
],
"title": "CVE-2022-29901"
},
{
"cve": "CVE-2022-33981",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-33981"
}
],
"notes": [
{
"category": "general",
"text": "drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.167.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-33981",
"url": "https://www.suse.com/security/cve/CVE-2022-33981"
},
{
"category": "external",
"summary": "SUSE Bug 1200692 for CVE-2022-33981",
"url": "https://bugzilla.suse.com/1200692"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.167.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.167.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.167.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.167.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-07-21T09:20:18Z",
"details": "moderate"
}
],
"title": "CVE-2022-33981"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…