{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"important"},"category":"csaf_security_advisory","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"Security update for the Linux Kernel","title":"Title of the patch"},{"category":"description","text":"\n\nThe SUSE Linux Enterprise 12 SP1 RT kernel was updated to 3.12.67 to receive various security and bugfixes.\n\nThis feature was added:\n\n- fate#320805: Execute in place (XIP) support for the ext2 filesystem.\n\nThe following security bugs were fixed:\n\n- CVE-2016-2069: Race condition in arch/x86/mm/tlb.c in the Linux kernel allowed local users to gain privileges by triggering access to a paging structure by a different CPU (bnc#963767).\n- CVE-2016-4998: The IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel allowed local users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from kernel heap memory by leveraging in-container root access to provide a crafted offset value that leads to crossing a ruleset blob boundary (bnc#986362).\n- CVE-2016-5195: A local privilege escalation using MAP_PRIVATE was fixed, which is reportedly exploited in the wild (bsc#1004418).\n- CVE-2016-5696: net/ipv4/tcp_input.c in the Linux kernel did not properly determine the rate of challenge ACK segments, which made it easier for man-in-the-middle attackers to hijack TCP sessions via a blind in-window attack (bnc#989152)\n- CVE-2016-6130: Race condition in the sclp_ctl_ioctl_sccb function in drivers/s390/char/sclp_ctl.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory by changing a certain length value, aka a 'double fetch' vulnerability (bnc#987542)\n- CVE-2016-6327: System using the infiniband support module ib_srpt were vulnerable to a denial of service by system crash by a local attacker who is able to abort writes by sending the ABORT_TASK command (bsc#994758)\n- CVE-2016-6480: Race condition in the ioctl_send_fib function in drivers/scsi/aacraid/commctrl.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds access or system crash) by changing a certain size value, aka a 'double fetch' vulnerability (bnc#991608)\n- CVE-2016-6828: Use after free 4 in tcp_xmit_retransmit_queue or other tcp_ functions (bsc#994296)\n- CVE-2016-7042: The proc_keys_show function in security/keys/proc.c in the Linux kernel used an incorrect buffer size for certain timeout data, which allowed local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file (bsc#1004517).\n- CVE-2016-7097: The filesystem implementation in the Linux kernel preserved the setgid bit during a setxattr call, which allowed local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions (bsc#995968).\n- CVE-2016-7425: A buffer overflow in the Linux Kernel in arcmsr_iop_message_xfer() could have caused kernel heap corruption and arbitraty kernel code execution (bsc#999932)\n- CVE-2016-8658: Stack-based buffer overflow in the brcmf_cfg80211_start_ap function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel allowed local users to cause a denial of service (system crash) or possibly have unspecified other impact via a long SSID Information Element in a command to a Netlink socket (bsc#1004462).\n\nThe following non-security bugs were fixed:\n\n- aacraid: Fix RRQ overload (bsc#1003079).\n- acpi / PM: Ignore wakeup setting if the ACPI companion can't wake up.\n- AF_VSOCK: Shrink the area influenced by prepare_to_wait (bsc#994520).\n- apparmor: add missing id bounds check on dfa verification (bsc#1000304).\n- apparmor: check that xindex is in trans_table bounds (bsc#1000304).\n- apparmor: do not expose kernel stack (bsc#1000304).\n- apparmor: don't check for vmalloc_addr if kvzalloc() failed (bsc#1000304).\n- apparmor: ensure the target profile name is always audited (bsc#1000304).\n- apparmor: exec should not be returning ENOENT when it denies (bsc#1000304).\n- apparmor: fix arg_size computation for when setprocattr is null terminated (bsc#1000304).\n- apparmor: fix audit full profile hname on successful load (bsc#1000304).\n- apparmor: fix change_hat not finding hat after policy replacement (bsc#1000287).\n- apparmor: fix disconnected bind mnts reconnection (bsc#1000304).\n- apparmor: fix log failures for all profiles in a set (bsc#1000304).\n- apparmor: fix module parameters can be changed after policy is locked (bsc#1000304).\n- apparmor: fix oops in profile_unpack() when policy_db is not present (bsc#1000304).\n- apparmor: fix oops, validate buffer size in apparmor_setprocattr() (bsc#1000304).\n- apparmor: fix put() parent ref after updating the active ref (bsc#1000304).\n- apparmor: fix refcount bug in profile replacement (bsc#1000304).\n- apparmor: fix refcount race when finding a child profile (bsc#1000304).\n- apparmor: fix replacement bug that adds new child to old parent (bsc#1000304).\n- apparmor: fix uninitialized lsm_audit member (bsc#1000304).\n- apparmor: fix update the mtime of the profile file on replacement (bsc#1000304).\n- apparmor: internal paths should be treated as disconnected (bsc#1000304).\n- apparmor: use list_next_entry instead of list_entry_next (bsc#1000304).\n- arm64: Ensure pmd_present() returns false after pmd_mknotpresent() (Automatic NUMA Balancing).\n- avoid dentry crash triggered by NFS (bsc#984194).\n- be2net: Don't leak iomapped memory on removal (bsc#921784 FATE#318561).\n- be2net: fix BE3-R FW download compatibility check (bsc#921784 FATE#318561).\n- be2net: fix wrong return value in be_check_ufi_compatibility() (bsc#921784 FATE#318561).\n- be2net: remove vlan promisc capability from VF's profile descriptors (bsc#921784 FATE#318561).\n- blkfront: fix an error path memory leak (luckily none so far).\n- blk-mq: fix undefined behaviour in order_to_size().\n- blktap2: eliminate deadlock potential from shutdown path (bsc#909994).\n- blktap2: eliminate race from deferred work queue handling (bsc#911687).\n- bluetooth: Fix potential NULL dereference in RFCOMM bind callback (bsc#1003925, CVE-2015-8956).\n- bond: Check length of IFLA_BOND_ARP_IP_TARGET attributes.\n- bonding: always set recv_probe to bond_arp_rcv in arp monitor (bsc#977687).\n- bonding: fix curr_active_slave/carrier with loadbalance arp monitoring.\n- bonding: Prevent IPv6 link local address on enslaved devices.\n- bonding: prevent out of bound accesses.\n- bonding: set carrier off for devices created through netlink (bsc#999577).\n- btrfs: account for non-CoW'd blocks in btrfs_abort_transaction (bsc#983619).\n- btrfs: add missing discards when unpinning extents with -o discard (bsc#904489).\n- btrfs: btrfs_issue_discard ensure offset/length are aligned to sector boundaries (bsc#904489).\n- btrfs: Disable btrfs-8448-improve-performance-on-fsync-against-new-inode.patch (bsc#981597).\n- btrfs: do not create or leak aliased root while cleaning up orphans (bsc#904489).\n- btrfs: ensure that file descriptor used with subvol ioctls is a dir (bsc#999600).\n- btrfs: explictly delete unused block groups in close_ctree and ro-remount (bsc#904489).\n- btrfs: Fix a data space underflow warning (bsc#985562, bsc#975596, bsc#984779)\n- btrfs: fix fitrim discarding device area reserved for boot loader's use (bsc#904489).\n- btrfs: handle quota reserve failure properly (bsc#1005666).\n- btrfs: iterate over unused chunk space in FITRIM (bsc#904489).\n- btrfs: make btrfs_issue_discard return bytes discarded (bsc#904489).\n- btrfs: properly track when rescan worker is running (bsc#989953).\n- btrfs: remove unnecessary locking of cleaner_mutex to avoid deadlock (bsc#904489).\n- btrfs: skip superblocks during discard (bsc#904489).\n- btrfs: test_check_exists: Fix infinite loop when searching for free space entries (bsc#987192).\n- btrfs: waiting on qgroup rescan should not always be interruptible (bsc#992712).\n- cdc-acm: added sanity checking for probe() (bsc#993891).\n- cephfs: ignore error from invalidate_inode_pages2_range() in direct write (bsc#995153).\n- cephfs: remove warning when ceph_releasepage() is called on dirty page (bsc#995153).\n- ceph: Refresh patches.suse/CFS-0259-ceph-Asynchronous-IO-support.patch. After a write, we must free the 'request', not the 'response' (bsc#995153).\n- clockevents: export clockevents_unbind_device instead of clockevents_unbind (bnc#937888).\n- conntrack: RFC5961 challenge ACK confuse conntrack LAST-ACK transition (bsc#966864).\n- cxgbi: fix uninitialized flowi6 (bsc#924384 FATE#318570 bsc#921338).\n- dm: fix AB-BA deadlock in __dm_destroy(). (bsc#970943)\n- efi: Small leak on error in runtime map code (fate#315019).\n- ext2: Enable ext2 driver in config files (bsc#976195).\n- ext4: Add parameter for tuning handling of ext2 (bsc#976195).\n- Fix kabi change cause by adding flock_owner to open_context (bsc#998689).\n- fix xfs-handle-dquot-buffer-readahead-in-log-recovery-co.patch (bsc#1003153).\n- fs/cifs: fix wrongly prefixed path to root (bsc#963655, bsc#979681)\n- fs/select: add vmalloc fallback for select(2) (bsc#1000189).\n- ftrace/x86: Set ftrace_stub to weak to prevent gcc from using short jumps to it (bsc#984419).\n- hyperv: enable call to clockevents_unbind_device in kexec/kdump path\n- hyperv: replace KEXEC_CORE by plain KEXEC because we lack 2965faa5e0 in the base kernel\n- i40e: fix an uninitialized variable bug (bnc#857397 FATE#315659).\n- ib/iwpm: Fix a potential skb leak (bsc#924381 FATE#318568 bsc#921338).\n- ib/mlx5: Fix RC transport send queue overhead computation (bnc#865545 FATE#316891).\n- introduce NETIF_F_GSO_ENCAP_ALL helper mask (bsc#1001486).\n- iommu/amd: Update Alias-DTE in update_device_table() (bsc#975772).\n- ipv6: Fix improper use or RCU in patches.kabi/ipv6-add-complete-rcu-protection-around-np-opt.kabi.patch. (bsc#961257).\n- ipv6: fix multipath route replace error recovery (bsc#930399).\n- ipv6: send NEWLINK on RA managed/otherconf changes (bsc#934067).\n- ipv6: send only one NEWLINK when RA causes changes (bsc#934067).\n- iscsi: Add a missed complete in iscsit_close_connection (bsc#992555, bsc#987805).\n- kabi: work around kabi changes from commit 53f9ff48f636 (bsc#988617).\n- kaweth: fix firmware download (bsc#993890).\n- kaweth: fix oops upon failed memory allocation (bsc#993890).\n- kernel/fork: fix CLONE_CHILD_CLEARTID regression in nscd (bnc#941420).\n- kernel/printk: fix faulty logic in the case of recursive printk (bnc#744692, bnc#789311).\n- kvm: do not handle APIC access page if in-kernel irqchip is not in use (bsc#959463).\n- kvm: vmx: defer load of APIC access page address during reset (bsc#959463).\n- libceph: enable large, variable-sized OSD requests (bsc#988715).\n- libceph: make r_request msg_size calculation clearer (bsc#988715).\n- libceph: move r_reply_op_{len,result} into struct ceph_osd_req_op (bsc#988715).\n- libceph: osdc->req_mempool should be backed by a slab pool (bsc#988715).\n- libceph: rename ceph_osd_req_op::payload_len to indata_len (bsc#988715).\n- libfc: do not send ABTS when resetting exchanges (bsc#962846).\n- libfc: Do not take rdata->rp_mutex when processing a -FC_EX_CLOSED ELS response (bsc#962846).\n- libfc: Fixup disc_mutex handling (bsc#962846).\n- libfc: fixup locking of ptp_setup() (bsc#962846).\n- libfc: Issue PRLI after a PRLO has been received (bsc#962846).\n- libfc: reset exchange manager during LOGO handling (bsc#962846).\n- libfc: Revisit kref handling (bnc#990245).\n- libfc: sanity check cpu number extracted from xid (bsc#988440).\n- libfc: send LOGO for PLOGI failure (bsc#962846).\n- md: check command validity early in md_ioctl() (bsc#1004520).\n- md: Drop sending a change uevent when stopping (bsc#1003568).\n- md: lockless I/O submission for RAID1 (bsc#982783).\n- md/raid5: fix a recently broken BUG_ON() (bsc#1006691).\n- mm, cma: prevent nr_isolated_* counters from going negative (bnc#971975).\n- mm: thp: fix SMP race condition between THP page fault and MADV_DONTNEED (VM Functionality, bnc#986445).\n- module: Issue warnings when tainting kernel (bsc#974406).\n- mpt2sas, mpt3sas: Fix panic when aer correct error occurred (bsc#997708).\n- mpt3sas: Update patches.drivers/mpt3sas-Fix-use-sas_is_tlr_enabled-API-before-enabli.patch (bsc#967640, bsc#992244).\n- msi-x: fix an error path (luckily none so far).\n- netback: fix flipping mode (bsc#996664).\n- netback: fix refounting (bsc#978094).\n- netfront: don't truncate grant references.\n- netfront: use correct linear area after linearizing an skb (bsc#1007886).\n- nfs4: reset states to use open_stateid when returning delegation voluntarily (bsc#1003400).\n- nfs: Add a stub for GETDEVICELIST (bnc#898675).\n- nfs: Do not write enable new pages while an invalidation is proceeding (bsc#999584).\n- nfsd: Use free_conn to free connection (bsc#979451).\n- nfs: Fix an LOCK/OPEN race when unlinking an open file (bsc#956514).\n- nfs: Fix a regression in the read() syscall (bsc#999584).\n- nfs: fix BUG() crash in notify_change() with patch to chown_common() (bnc#876463).\n- nfs: fix pg_test page count calculation (bnc#898675).\n- nfs: nfs4_fl_prepare_ds must be careful about reporting success (bsc#1000776).\n- nfsv4: add flock_owner to open context (bnc#998689).\n- nfsv4: change nfs4_do_setattr to take an open_context instead of a nfs4_state (bnc#998689).\n- nfsv4: change nfs4_select_rw_stateid to take a lock_context inplace of lock_owner (bnc#998689).\n- nfsv4: enhance nfs4_copy_lock_stateid to use a flock stateid if there is one (bnc#998689).\n- nfsv4: Ensure nfs_atomic_open set the dentry verifier on ENOENT (bnc#866130).\n- oops on restarting network with bonding mode4 (lacp) (bsc#876145).\n- packet: tpacket_snd(): fix signed/unsigned comparison (bsc#874131).\n- perf/x86/intel: Fix bug for 'cycles:p' and 'cycles:pp' on SLM (bsc#997896).\n- PM / hibernate: Fix 2G size issue of snapshot image verification (bsc#1004252).\n- PM / hibernate: Fix rtree_next_node() to avoid walking off list ends (bnc#860441).\n- powerpc: add kernel parameter iommu_alloc_quiet (bsc#998825).\n- ppp: defer netns reference release for ppp channel (bsc#980371).\n- printk: add kernel parameter to control writes to /dev/kmsg (bsc#979928).\n- qgroup: Prevent qgroup->reserved from going subzero (bsc#993841).\n- qlcnic: potential NULL dereference in qlcnic_83xx_get_minidump_template() (bsc#922064 FATE#318609)\n- radeon: avoid boot hang in Xen Dom0 (luckily none so far).\n- ratelimit: extend to print suppressed messages on release (bsc#979928).\n- ratelimit: fix bug in time interval by resetting right begin time (bsc#979928).\n- rbd: truncate objects on cmpext short reads (bsc#988715).\n- Revert 'Input: i8042 - break load dependency between atkbd/psmouse and i8042'.\n- Revert 'Input: i8042 - set up shared ps2_cmd_mutex for AUX ports'.\n- rpm/mkspec: Read a default release string from rpm/config.sh (bsc997059)\n- rtnetlink: avoid 0 sized arrays.\n- RTNL: assertion failed at dev.c (bsc#875631).\n- s390: add SMT support (bnc#994438).\n- sched/core: Fix an SMP ordering race in try_to_wake_up() vs. schedule() (bnc#1001419).\n- sched/core: Fix a race between try_to_wake_up() and a woken up task (bsc#1002165, bsc#1001419).\n- scsi: ibmvfc: add FC Class 3 Error Recovery support (bsc#984992).\n- scsi: ibmvfc: Fix I/O hang when port is not mapped (bsc#971989)\n- scsi: ibmvfc: Set READ FCP_XFER_READY DISABLED bit in PRLI (bsc#984992).\n- sd: Fix memory leak caused by RESET_WP patch (bsc#999779).\n- squashfs3: properly handle dir_emit() failures (bsc#998795).\n- SUNRPC: Add missing support for RPC_CLNT_CREATE_NO_RETRANS_TIMEOUT (bnc#868923).\n- SUNRPC: Fix a regression when reconnecting (bsc#946309).\n- supported.conf: Add ext2\n- supported.conf: Add iscsi modules to -base (bsc#997299)\n- supported.conf: Add tun to -base (bsc#992593)\n- supported.conf: Add veth to -base (bsc#992591)\n- target: Fix missing complete during ABORT_TASK + CMD_T_FABRIC_STOP (bsc#987621).\n- target: Fix race between iscsi-target connection shutdown + ABORT_TASK (bsc#987621).\n- tcp: add proper TS val into RST packets (bsc#937086).\n- tcp: align tcp_xmit_size_goal() on tcp_tso_autosize() (bsc#937086).\n- tcp: fix child sockets to use system default congestion control if not set.\n- tcp: fix cwnd limited checking to improve congestion control (bsc#988617).\n- tcp: refresh skb timestamp at retransmit time (bsc#937086).\n- timers: Use proper base migration in add_timer_on() (bnc#993392).\n- tunnels: Do not apply GRO to multiple layers of encapsulation (bsc#1001486).\n- tunnels: Remove encapsulation offloads on decap (bsc#1001486).\n- usb: fix typo in wMaxPacketSize validation (bsc#991665).\n- usbhid: add ATEN CS962 to list of quirky devices (bsc#1007615).\n- usb: hub: Fix auto-remount of safely removed or ejected USB-3 devices (bsc#922634).\n- usb: validate wMaxPacketValue entries in endpoint descriptors (bnc#991665).\n- vmxnet3: Wake queue from reset work (bsc#999907).\n- x86: Removed the free memblock of hibernat keys to avoid memory corruption (bsc#990058).\n- x86/tlb/trace: Do not trace on CPU that is offline (TLB Performance git-fixes).\n- xenbus: don't invoke ->is_ready() for most device states (bsc#987333).\n- xenbus: inspect the correct type in xenbus_dev_request_and_reply().\n- xen/pciback: Fix conf_space read/write overlap check.\n- xen-pciback: return proper values during BAR sizing.\n- xen: x86/mm/pat, /dev/mem: Remove superfluous error message (bsc#974620).\n- xfs: fixed signedness of error code in xfs_inode_buf_verify (bsc#1003153).\n- xfs: handle dquot buffer readahead in log recovery correctly (bsc#955446).\n- xfs: Silence warnings in xfs_vm_releasepage() (bnc#915183 bsc#987565).\n- xhci: Check if slot is already in default state before moving it there (FATE#315518).\n- xhci: silence warnings in switch (bnc#991665).\n","title":"Description of the patch"},{"category":"details","text":"SUSE-SLE-RT-12-SP1-2016-1938","title":"Patchnames"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"SUSE ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"self","summary":"URL of this CSAF notice","url":"https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_3304-1.json"},{"category":"self","summary":"URL for SUSE-SU-2016:3304-1","url":"https://www.suse.com/support/update/announcement/2016/suse-su-20163304-1/"},{"category":"self","summary":"E-Mail link for SUSE-SU-2016:3304-1","url":"https://lists.suse.com/pipermail/sle-security-updates/2016-December/002539.html"},{"category":"self","summary":"SUSE Bug 1000189","url":"https://bugzilla.suse.com/1000189"},{"category":"self","summary":"SUSE Bug 1000287","url":"https://bugzilla.suse.com/1000287"},{"category":"self","summary":"SUSE Bug 1000304","url":"https://bugzilla.suse.com/1000304"},{"category":"self","summary":"SUSE Bug 1000776","url":"https://bugzilla.suse.com/1000776"},{"category":"self","summary":"SUSE Bug 1001419","url":"https://bugzilla.suse.com/1001419"},{"category":"self","summary":"SUSE Bug 1001486","url":"https://bugzilla.suse.com/1001486"},{"category":"self","summary":"SUSE Bug 1002165","url":"https://bugzilla.suse.com/1002165"},{"category":"self","summary":"SUSE Bug 1003079","url":"https://bugzilla.suse.com/1003079"},{"category":"self","summary":"SUSE Bug 1003153","url":"https://bugzilla.suse.com/1003153"},{"category":"self","summary":"SUSE Bug 1003400","url":"https://bugzilla.suse.com/1003400"},{"category":"self","summary":"SUSE Bug 1003568","url":"https://bugzilla.suse.com/1003568"},{"category":"self","summary":"SUSE Bug 1003925","url":"https://bugzilla.suse.com/1003925"},{"category":"self","summary":"SUSE Bug 1004252","url":"https://bugzilla.suse.com/1004252"},{"category":"self","summary":"SUSE Bug 1004418","url":"https://bugzilla.suse.com/1004418"},{"category":"self","summary":"SUSE Bug 1004462","url":"https://bugzilla.suse.com/1004462"},{"category":"self","summary":"SUSE Bug 1004517","url":"https://bugzilla.suse.com/1004517"},{"category":"self","summary":"SUSE Bug 1004520","url":"https://bugzilla.suse.com/1004520"},{"category":"self","summary":"SUSE Bug 1005666","url":"https://bugzilla.suse.com/1005666"},{"category":"self","summary":"SUSE Bug 1006691","url":"https://bugzilla.suse.com/1006691"},{"category":"self","summary":"SUSE Bug 1007615","url":"https://bugzilla.suse.com/1007615"},{"category":"self","summary":"SUSE Bug 1007886","url":"https://bugzilla.suse.com/1007886"},{"category":"self","summary":"SUSE Bug 744692","url":"https://bugzilla.suse.com/744692"},{"category":"self","summary":"SUSE Bug 789311","url":"https://bugzilla.suse.com/789311"},{"category":"self","summary":"SUSE Bug 857397","url":"https://bugzilla.suse.com/857397"},{"category":"self","summary":"SUSE Bug 860441","url":"https://bugzilla.suse.com/860441"},{"category":"self","summary":"SUSE Bug 865545","url":"https://bugzilla.suse.com/865545"},{"category":"self","summary":"SUSE Bug 866130","url":"https://bugzilla.suse.com/866130"},{"category":"self","summary":"SUSE Bug 868923","url":"https://bugzilla.suse.com/868923"},{"category":"self","summary":"SUSE Bug 874131","url":"https://bugzilla.suse.com/874131"},{"category":"self","summary":"SUSE Bug 875631","url":"https://bugzilla.suse.com/875631"},{"category":"self","summary":"SUSE Bug 876145","url":"https://bugzilla.suse.com/876145"},{"category":"self","summary":"SUSE Bug 876463","url":"https://bugzilla.suse.com/876463"},{"category":"self","summary":"SUSE Bug 898675","url":"https://bugzilla.suse.com/898675"},{"category":"self","summary":"SUSE Bug 904489","url":"https://bugzilla.suse.com/904489"},{"category":"self","summary":"SUSE Bug 909994","url":"https://bugzilla.suse.com/909994"},{"category":"self","summary":"SUSE Bug 911687","url":"https://bugzilla.suse.com/911687"},{"category":"self","summary":"SUSE Bug 915183","url":"https://bugzilla.suse.com/915183"},{"category":"self","summary":"SUSE Bug 921338","url":"https://bugzilla.suse.com/921338"},{"category":"self","summary":"SUSE Bug 921784","url":"https://bugzilla.suse.com/921784"},{"category":"self","summary":"SUSE Bug 922064","url":"https://bugzilla.suse.com/922064"},{"category":"self","summary":"SUSE Bug 922634","url":"https://bugzilla.suse.com/922634"},{"category":"self","summary":"SUSE Bug 924381","url":"https://bugzilla.suse.com/924381"},{"category":"self","summary":"SUSE Bug 924384","url":"https://bugzilla.suse.com/924384"},{"category":"self","summary":"SUSE Bug 930399","url":"https://bugzilla.suse.com/930399"},{"category":"self","summary":"SUSE Bug 934067","url":"https://bugzilla.suse.com/934067"},{"category":"self","summary":"SUSE Bug 937086","url":"https://bugzilla.suse.com/937086"},{"category":"self","summary":"SUSE Bug 937888","url":"https://bugzilla.suse.com/937888"},{"category":"self","summary":"SUSE Bug 941420","url":"https://bugzilla.suse.com/941420"},{"category":"self","summary":"SUSE Bug 946309","url":"https://bugzilla.suse.com/946309"},{"category":"self","summary":"SUSE Bug 955446","url":"https://bugzilla.suse.com/955446"},{"category":"self","summary":"SUSE Bug 956514","url":"https://bugzilla.suse.com/956514"},{"category":"self","summary":"SUSE Bug 959463","url":"https://bugzilla.suse.com/959463"},{"category":"self","summary":"SUSE Bug 961257","url":"https://bugzilla.suse.com/961257"},{"category":"self","summary":"SUSE Bug 962846","url":"https://bugzilla.suse.com/962846"},{"category":"self","summary":"SUSE Bug 963655","url":"https://bugzilla.suse.com/963655"},{"category":"self","summary":"SUSE Bug 963767","url":"https://bugzilla.suse.com/963767"},{"category":"self","summary":"SUSE Bug 966864","url":"https://bugzilla.suse.com/966864"},{"category":"self","summary":"SUSE Bug 967640","url":"https://bugzilla.suse.com/967640"},{"category":"self","summary":"SUSE Bug 970943","url":"https://bugzilla.suse.com/970943"},{"category":"self","summary":"SUSE Bug 971975","url":"https://bugzilla.suse.com/971975"},{"category":"self","summary":"SUSE Bug 971989","url":"https://bugzilla.suse.com/971989"},{"category":"self","summary":"SUSE Bug 974406","url":"https://bugzilla.suse.com/974406"},{"category":"self","summary":"SUSE Bug 974620","url":"https://bugzilla.suse.com/974620"},{"category":"self","summary":"SUSE Bug 975596","url":"https://bugzilla.suse.com/975596"},{"category":"self","summary":"SUSE Bug 975772","url":"https://bugzilla.suse.com/975772"},{"category":"self","summary":"SUSE Bug 976195","url":"https://bugzilla.suse.com/976195"},{"category":"self","summary":"SUSE Bug 977687","url":"https://bugzilla.suse.com/977687"},{"category":"self","summary":"SUSE Bug 978094","url":"https://bugzilla.suse.com/978094"},{"category":"self","summary":"SUSE Bug 979451","url":"https://bugzilla.suse.com/979451"},{"category":"self","summary":"SUSE Bug 979681","url":"https://bugzilla.suse.com/979681"},{"category":"self","summary":"SUSE Bug 979928","url":"https://bugzilla.suse.com/979928"},{"category":"self","summary":"SUSE Bug 980371","url":"https://bugzilla.suse.com/980371"},{"category":"self","summary":"SUSE Bug 981597","url":"https://bugzilla.suse.com/981597"},{"category":"self","summary":"SUSE Bug 982783","url":"https://bugzilla.suse.com/982783"},{"category":"self","summary":"SUSE Bug 983619","url":"https://bugzilla.suse.com/983619"},{"category":"self","summary":"SUSE Bug 984194","url":"https://bugzilla.suse.com/984194"},{"category":"self","summary":"SUSE Bug 984419","url":"https://bugzilla.suse.com/984419"},{"category":"self","summary":"SUSE Bug 984779","url":"https://bugzilla.suse.com/984779"},{"category":"self","summary":"SUSE Bug 984992","url":"https://bugzilla.suse.com/984992"},{"category":"self","summary":"SUSE Bug 985562","url":"https://bugzilla.suse.com/985562"},{"category":"self","summary":"SUSE Bug 986362","url":"https://bugzilla.suse.com/986362"},{"category":"self","summary":"SUSE Bug 986365","url":"https://bugzilla.suse.com/986365"},{"category":"self","summary":"SUSE Bug 986445","url":"https://bugzilla.suse.com/986445"},{"category":"self","summary":"SUSE Bug 987192","url":"https://bugzilla.suse.com/987192"},{"category":"self","summary":"SUSE Bug 987333","url":"https://bugzilla.suse.com/987333"},{"category":"self","summary":"SUSE Bug 987542","url":"https://bugzilla.suse.com/987542"},{"category":"self","summary":"SUSE Bug 987565","url":"https://bugzilla.suse.com/987565"},{"category":"self","summary":"SUSE Bug 987621","url":"https://bugzilla.suse.com/987621"},{"category":"self","summary":"SUSE Bug 987805","url":"https://bugzilla.suse.com/987805"},{"category":"self","summary":"SUSE Bug 988440","url":"https://bugzilla.suse.com/988440"},{"category":"self","summary":"SUSE Bug 988617","url":"https://bugzilla.suse.com/988617"},{"category":"self","summary":"SUSE Bug 988715","url":"https://bugzilla.suse.com/988715"},{"category":"self","summary":"SUSE Bug 989152","url":"https://bugzilla.suse.com/989152"},{"category":"self","summary":"SUSE Bug 989953","url":"https://bugzilla.suse.com/989953"},{"category":"self","summary":"SUSE Bug 990058","url":"https://bugzilla.suse.com/990058"},{"category":"self","summary":"SUSE Bug 990245","url":"https://bugzilla.suse.com/990245"},{"category":"self","summary":"SUSE Bug 991247","url":"https://bugzilla.suse.com/991247"},{"category":"self","summary":"SUSE Bug 991608","url":"https://bugzilla.suse.com/991608"},{"category":"self","summary":"SUSE Bug 991665","url":"https://bugzilla.suse.com/991665"},{"category":"self","summary":"SUSE Bug 991667","url":"https://bugzilla.suse.com/991667"},{"category":"self","summary":"SUSE Bug 992244","url":"https://bugzilla.suse.com/992244"},{"category":"self","summary":"SUSE Bug 992555","url":"https://bugzilla.suse.com/992555"},{"category":"self","summary":"SUSE Bug 992568","url":"https://bugzilla.suse.com/992568"},{"category":"self","summary":"SUSE Bug 992591","url":"https://bugzilla.suse.com/992591"},{"category":"self","summary":"SUSE Bug 992593","url":"https://bugzilla.suse.com/992593"},{"category":"self","summary":"SUSE Bug 992712","url":"https://bugzilla.suse.com/992712"},{"category":"self","summary":"SUSE Bug 993392","url":"https://bugzilla.suse.com/993392"},{"category":"self","summary":"SUSE Bug 993841","url":"https://bugzilla.suse.com/993841"},{"category":"self","summary":"SUSE Bug 993890","url":"https://bugzilla.suse.com/993890"},{"category":"self","summary":"SUSE Bug 993891","url":"https://bugzilla.suse.com/993891"},{"category":"self","summary":"SUSE Bug 994167","url":"https://bugzilla.suse.com/994167"},{"category":"self","summary":"SUSE Bug 994296","url":"https://bugzilla.suse.com/994296"},{"category":"self","summary":"SUSE Bug 994438","url":"https://bugzilla.suse.com/994438"},{"category":"self","summary":"SUSE Bug 994520","url":"https://bugzilla.suse.com/994520"},{"category":"self","summary":"SUSE Bug 994758","url":"https://bugzilla.suse.com/994758"},{"category":"self","summary":"SUSE Bug 995153","url":"https://bugzilla.suse.com/995153"},{"category":"self","summary":"SUSE Bug 995968","url":"https://bugzilla.suse.com/995968"},{"category":"self","summary":"SUSE Bug 996664","url":"https://bugzilla.suse.com/996664"},{"category":"self","summary":"SUSE Bug 997059","url":"https://bugzilla.suse.com/997059"},{"category":"self","summary":"SUSE Bug 997299","url":"https://bugzilla.suse.com/997299"},{"category":"self","summary":"SUSE Bug 997708","url":"https://bugzilla.suse.com/997708"},{"category":"self","summary":"SUSE Bug 997896","url":"https://bugzilla.suse.com/997896"},{"category":"self","summary":"SUSE Bug 998689","url":"https://bugzilla.suse.com/998689"},{"category":"self","summary":"SUSE Bug 998795","url":"https://bugzilla.suse.com/998795"},{"category":"self","summary":"SUSE Bug 998825","url":"https://bugzilla.suse.com/998825"},{"category":"self","summary":"SUSE Bug 999577","url":"https://bugzilla.suse.com/999577"},{"category":"self","summary":"SUSE Bug 999584","url":"https://bugzilla.suse.com/999584"},{"category":"self","summary":"SUSE Bug 999600","url":"https://bugzilla.suse.com/999600"},{"category":"self","summary":"SUSE Bug 999779","url":"https://bugzilla.suse.com/999779"},{"category":"self","summary":"SUSE Bug 999907","url":"https://bugzilla.suse.com/999907"},{"category":"self","summary":"SUSE Bug 999932","url":"https://bugzilla.suse.com/999932"},{"category":"self","summary":"SUSE CVE CVE-2015-8956 page","url":"https://www.suse.com/security/cve/CVE-2015-8956/"},{"category":"self","summary":"SUSE CVE CVE-2016-2069 page","url":"https://www.suse.com/security/cve/CVE-2016-2069/"},{"category":"self","summary":"SUSE CVE CVE-2016-4997 page","url":"https://www.suse.com/security/cve/CVE-2016-4997/"},{"category":"self","summary":"SUSE CVE CVE-2016-5195 page","url":"https://www.suse.com/security/cve/CVE-2016-5195/"},{"category":"self","summary":"SUSE CVE CVE-2016-5696 page","url":"https://www.suse.com/security/cve/CVE-2016-5696/"},{"category":"self","summary":"SUSE CVE CVE-2016-6130 page","url":"https://www.suse.com/security/cve/CVE-2016-6130/"},{"category":"self","summary":"SUSE CVE CVE-2016-6327 page","url":"https://www.suse.com/security/cve/CVE-2016-6327/"},{"category":"self","summary":"SUSE CVE CVE-2016-6480 page","url":"https://www.suse.com/security/cve/CVE-2016-6480/"},{"category":"self","summary":"SUSE CVE CVE-2016-6828 page","url":"https://www.suse.com/security/cve/CVE-2016-6828/"},{"category":"self","summary":"SUSE CVE CVE-2016-7042 page","url":"https://www.suse.com/security/cve/CVE-2016-7042/"},{"category":"self","summary":"SUSE CVE CVE-2016-7097 page","url":"https://www.suse.com/security/cve/CVE-2016-7097/"},{"category":"self","summary":"SUSE CVE CVE-2016-7425 page","url":"https://www.suse.com/security/cve/CVE-2016-7425/"},{"category":"self","summary":"SUSE CVE CVE-2016-8658 page","url":"https://www.suse.com/security/cve/CVE-2016-8658/"}],"title":"Security update for the Linux Kernel","tracking":{"current_release_date":"2016-12-30T13:09:04Z","generator":{"date":"2016-12-30T13:09:04Z","engine":{"name":"cve-database.git:bin/generate-csaf.pl","version":"1"}},"id":"SUSE-SU-2016:3304-1","initial_release_date":"2016-12-30T13:09:04Z","revision_history":[{"date":"2016-12-30T13:09:04Z","number":"1","summary":"Current version"}],"status":"final","version":"1"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_version","name":"kernel-devel-rt-3.12.67-60.27.1.noarch","product":{"name":"kernel-devel-rt-3.12.67-60.27.1.noarch","product_id":"kernel-devel-rt-3.12.67-60.27.1.noarch"}},{"category":"product_version","name":"kernel-source-rt-3.12.67-60.27.1.noarch","product":{"name":"kernel-source-rt-3.12.67-60.27.1.noarch","product_id":"kernel-source-rt-3.12.67-60.27.1.noarch"}}],"category":"architecture","name":"noarch"},{"branches":[{"category":"product_version","name":"kernel-compute-3.12.67-60.27.1.x86_64","product":{"name":"kernel-compute-3.12.67-60.27.1.x86_64","product_id":"kernel-compute-3.12.67-60.27.1.x86_64"}},{"category":"product_version","name":"kernel-compute-base-3.12.67-60.27.1.x86_64","product":{"name":"kernel-compute-base-3.12.67-60.27.1.x86_64","product_id":"kernel-compute-base-3.12.67-60.27.1.x86_64"}},{"category":"product_version","name":"kernel-compute-devel-3.12.67-60.27.1.x86_64","product":{"name":"kernel-compute-devel-3.12.67-60.27.1.x86_64","product_id":"kernel-compute-devel-3.12.67-60.27.1.x86_64"}},{"category":"product_version","name":"kernel-compute_debug-devel-3.12.67-60.27.1.x86_64","product":{"name":"kernel-compute_debug-devel-3.12.67-60.27.1.x86_64","product_id":"kernel-compute_debug-devel-3.12.67-60.27.1.x86_64"}},{"category":"product_version","name":"kernel-rt-3.12.67-60.27.1.x86_64","product":{"name":"kernel-rt-3.12.67-60.27.1.x86_64","product_id":"kernel-rt-3.12.67-60.27.1.x86_64"}},{"category":"product_version","name":"kernel-rt-base-3.12.67-60.27.1.x86_64","product":{"name":"kernel-rt-base-3.12.67-60.27.1.x86_64","product_id":"kernel-rt-base-3.12.67-60.27.1.x86_64"}},{"category":"product_version","name":"kernel-rt-devel-3.12.67-60.27.1.x86_64","product":{"name":"kernel-rt-devel-3.12.67-60.27.1.x86_64","product_id":"kernel-rt-devel-3.12.67-60.27.1.x86_64"}},{"category":"product_version","name":"kernel-rt_debug-devel-3.12.67-60.27.1.x86_64","product":{"name":"kernel-rt_debug-devel-3.12.67-60.27.1.x86_64","product_id":"kernel-rt_debug-devel-3.12.67-60.27.1.x86_64"}},{"category":"product_version","name":"kernel-syms-rt-3.12.67-60.27.1.x86_64","product":{"name":"kernel-syms-rt-3.12.67-60.27.1.x86_64","product_id":"kernel-syms-rt-3.12.67-60.27.1.x86_64"}}],"category":"architecture","name":"x86_64"},{"branches":[{"category":"product_name","name":"SUSE Linux Enterprise Real Time 12 SP1","product":{"name":"SUSE Linux Enterprise Real Time 12 SP1","product_id":"SUSE Linux Enterprise Real Time 12 SP1"}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"kernel-compute-3.12.67-60.27.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP1","product_id":"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.67-60.27.1.x86_64"},"product_reference":"kernel-compute-3.12.67-60.27.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Real Time 12 SP1"},{"category":"default_component_of","full_product_name":{"name":"kernel-compute-base-3.12.67-60.27.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP1","product_id":"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.67-60.27.1.x86_64"},"product_reference":"kernel-compute-base-3.12.67-60.27.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Real Time 12 SP1"},{"category":"default_component_of","full_product_name":{"name":"kernel-compute-devel-3.12.67-60.27.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP1","product_id":"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.67-60.27.1.x86_64"},"product_reference":"kernel-compute-devel-3.12.67-60.27.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Real Time 12 SP1"},{"category":"default_component_of","full_product_name":{"name":"kernel-compute_debug-devel-3.12.67-60.27.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP1","product_id":"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.67-60.27.1.x86_64"},"product_reference":"kernel-compute_debug-devel-3.12.67-60.27.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Real Time 12 SP1"},{"category":"default_component_of","full_product_name":{"name":"kernel-devel-rt-3.12.67-60.27.1.noarch as component of SUSE Linux Enterprise Real Time 12 SP1","product_id":"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.67-60.27.1.noarch"},"product_reference":"kernel-devel-rt-3.12.67-60.27.1.noarch","relates_to_product_reference":"SUSE Linux Enterprise Real Time 12 SP1"},{"category":"default_component_of","full_product_name":{"name":"kernel-rt-3.12.67-60.27.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP1","product_id":"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.67-60.27.1.x86_64"},"product_reference":"kernel-rt-3.12.67-60.27.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Real Time 12 SP1"},{"category":"default_component_of","full_product_name":{"name":"kernel-rt-base-3.12.67-60.27.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP1","product_id":"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.67-60.27.1.x86_64"},"product_reference":"kernel-rt-base-3.12.67-60.27.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Real Time 12 SP1"},{"category":"default_component_of","full_product_name":{"name":"kernel-rt-devel-3.12.67-60.27.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP1","product_id":"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.67-60.27.1.x86_64"},"product_reference":"kernel-rt-devel-3.12.67-60.27.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Real Time 12 SP1"},{"category":"default_component_of","full_product_name":{"name":"kernel-rt_debug-devel-3.12.67-60.27.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP1","product_id":"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.67-60.27.1.x86_64"},"product_reference":"kernel-rt_debug-devel-3.12.67-60.27.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Real Time 12 SP1"},{"category":"default_component_of","full_product_name":{"name":"kernel-source-rt-3.12.67-60.27.1.noarch as component of SUSE Linux Enterprise Real Time 12 SP1","product_id":"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.67-60.27.1.noarch"},"product_reference":"kernel-source-rt-3.12.67-60.27.1.noarch","relates_to_product_reference":"SUSE Linux Enterprise Real Time 12 SP1"},{"category":"default_component_of","full_product_name":{"name":"kernel-syms-rt-3.12.67-60.27.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP1","product_id":"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.67-60.27.1.x86_64"},"product_reference":"kernel-syms-rt-3.12.67-60.27.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Real Time 12 SP1"}]},"vulnerabilities":[{"cve":"CVE-2015-8956","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2015-8956"}],"notes":[{"category":"general","text":"The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 4.2 allows local users to obtain sensitive information or cause a denial of service (NULL pointer dereference) via vectors involving a bind system call on a Bluetooth RFCOMM socket.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.67-60.27.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2015-8956","url":"https://www.suse.com/security/cve/CVE-2015-8956"},{"category":"external","summary":"SUSE Bug 1003925 for CVE-2015-8956","url":"https://bugzilla.suse.com/1003925"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.67-60.27.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.1,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L","version":"3.0"},"products":["SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.67-60.27.1.x86_64"]}],"threats":[{"category":"impact","date":"2016-12-30T13:09:04Z","details":"moderate"}],"title":"CVE-2015-8956"},{"cve":"CVE-2016-2069","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2016-2069"}],"notes":[{"category":"general","text":"Race condition in arch/x86/mm/tlb.c in the Linux kernel before 4.4.1 allows local users to gain privileges by triggering access to a paging structure by a different CPU.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.67-60.27.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2016-2069","url":"https://www.suse.com/security/cve/CVE-2016-2069"},{"category":"external","summary":"SUSE Bug 1020452 for CVE-2016-2069","url":"https://bugzilla.suse.com/1020452"},{"category":"external","summary":"SUSE Bug 1115893 for CVE-2016-2069","url":"https://bugzilla.suse.com/1115893"},{"category":"external","summary":"SUSE Bug 870618 for CVE-2016-2069","url":"https://bugzilla.suse.com/870618"},{"category":"external","summary":"SUSE Bug 963767 for CVE-2016-2069","url":"https://bugzilla.suse.com/963767"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.67-60.27.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.4,"baseSeverity":"HIGH","vectorString":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","version":"3.0"},"products":["SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.67-60.27.1.x86_64"]}],"threats":[{"category":"impact","date":"2016-12-30T13:09:04Z","details":"low"}],"title":"CVE-2016-2069"},{"cve":"CVE-2016-4997","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2016-4997"}],"notes":[{"category":"general","text":"The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel before 4.6.3 allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.67-60.27.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2016-4997","url":"https://www.suse.com/security/cve/CVE-2016-4997"},{"category":"external","summary":"SUSE Bug 1020452 for CVE-2016-4997","url":"https://bugzilla.suse.com/1020452"},{"category":"external","summary":"SUSE Bug 986362 for CVE-2016-4997","url":"https://bugzilla.suse.com/986362"},{"category":"external","summary":"SUSE Bug 986365 for CVE-2016-4997","url":"https://bugzilla.suse.com/986365"},{"category":"external","summary":"SUSE Bug 986377 for CVE-2016-4997","url":"https://bugzilla.suse.com/986377"},{"category":"external","summary":"SUSE Bug 991651 for CVE-2016-4997","url":"https://bugzilla.suse.com/991651"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.67-60.27.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.67-60.27.1.x86_64"]}],"threats":[{"category":"impact","date":"2016-12-30T13:09:04Z","details":"important"}],"title":"CVE-2016-4997"},{"cve":"CVE-2016-5195","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2016-5195"}],"notes":[{"category":"general","text":"Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka \"Dirty COW.\"","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.67-60.27.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2016-5195","url":"https://www.suse.com/security/cve/CVE-2016-5195"},{"category":"external","summary":"SUSE Bug 1004418 for CVE-2016-5195","url":"https://bugzilla.suse.com/1004418"},{"category":"external","summary":"SUSE Bug 1004419 for CVE-2016-5195","url":"https://bugzilla.suse.com/1004419"},{"category":"external","summary":"SUSE Bug 1004436 for CVE-2016-5195","url":"https://bugzilla.suse.com/1004436"},{"category":"external","summary":"SUSE Bug 1006323 for CVE-2016-5195","url":"https://bugzilla.suse.com/1006323"},{"category":"external","summary":"SUSE Bug 1006695 for CVE-2016-5195","url":"https://bugzilla.suse.com/1006695"},{"category":"external","summary":"SUSE Bug 1007291 for CVE-2016-5195","url":"https://bugzilla.suse.com/1007291"},{"category":"external","summary":"SUSE Bug 1008110 for CVE-2016-5195","url":"https://bugzilla.suse.com/1008110"},{"category":"external","summary":"SUSE Bug 1030118 for CVE-2016-5195","url":"https://bugzilla.suse.com/1030118"},{"category":"external","summary":"SUSE Bug 1046453 for CVE-2016-5195","url":"https://bugzilla.suse.com/1046453"},{"category":"external","summary":"SUSE Bug 1069496 for CVE-2016-5195","url":"https://bugzilla.suse.com/1069496"},{"category":"external","summary":"SUSE Bug 1149725 for CVE-2016-5195","url":"https://bugzilla.suse.com/1149725"},{"category":"external","summary":"SUSE Bug 870618 for CVE-2016-5195","url":"https://bugzilla.suse.com/870618"},{"category":"external","summary":"SUSE Bug 986445 for CVE-2016-5195","url":"https://bugzilla.suse.com/986445"},{"category":"external","summary":"SUSE Bug 998689 for CVE-2016-5195","url":"https://bugzilla.suse.com/998689"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.67-60.27.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.67-60.27.1.x86_64"]}],"threats":[{"category":"impact","date":"2016-12-30T13:09:04Z","details":"important"}],"title":"CVE-2016-5195"},{"cve":"CVE-2016-5696","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2016-5696"}],"notes":[{"category":"general","text":"net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier for remote attackers to hijack TCP sessions via a blind in-window attack.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.67-60.27.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2016-5696","url":"https://www.suse.com/security/cve/CVE-2016-5696"},{"category":"external","summary":"SUSE Bug 1020452 for CVE-2016-5696","url":"https://bugzilla.suse.com/1020452"},{"category":"external","summary":"SUSE Bug 1175721 for CVE-2016-5696","url":"https://bugzilla.suse.com/1175721"},{"category":"external","summary":"SUSE Bug 989152 for CVE-2016-5696","url":"https://bugzilla.suse.com/989152"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.67-60.27.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":4.8,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L","version":"3.1"},"products":["SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.67-60.27.1.x86_64"]}],"threats":[{"category":"impact","date":"2016-12-30T13:09:04Z","details":"moderate"}],"title":"CVE-2016-5696"},{"cve":"CVE-2016-6130","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2016-6130"}],"notes":[{"category":"general","text":"Race condition in the sclp_ctl_ioctl_sccb function in drivers/s390/char/sclp_ctl.c in the Linux kernel before 4.6 allows local users to obtain sensitive information from kernel memory by changing a certain length value, aka a \"double fetch\" vulnerability.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.67-60.27.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2016-6130","url":"https://www.suse.com/security/cve/CVE-2016-6130"},{"category":"external","summary":"SUSE Bug 987542 for CVE-2016-6130","url":"https://bugzilla.suse.com/987542"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.67-60.27.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":2.2,"baseSeverity":"LOW","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N","version":"3.1"},"products":["SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.67-60.27.1.x86_64"]}],"threats":[{"category":"impact","date":"2016-12-30T13:09:04Z","details":"low"}],"title":"CVE-2016-6130"},{"cve":"CVE-2016-6327","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2016-6327"}],"notes":[{"category":"general","text":"drivers/infiniband/ulp/srpt/ib_srpt.c in the Linux kernel before 4.5.1 allows local users to cause a denial of service (NULL pointer dereference and system crash) by using an ABORT_TASK command to abort a device write operation.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.67-60.27.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2016-6327","url":"https://www.suse.com/security/cve/CVE-2016-6327"},{"category":"external","summary":"SUSE Bug 994748 for CVE-2016-6327","url":"https://bugzilla.suse.com/994748"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.67-60.27.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":5.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","version":"3.0"},"products":["SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.67-60.27.1.x86_64"]}],"threats":[{"category":"impact","date":"2016-12-30T13:09:04Z","details":"moderate"}],"title":"CVE-2016-6327"},{"cve":"CVE-2016-6480","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2016-6480"}],"notes":[{"category":"general","text":"Race condition in the ioctl_send_fib function in drivers/scsi/aacraid/commctrl.c in the Linux kernel through 4.7 allows local users to cause a denial of service (out-of-bounds access or system crash) by changing a certain size value, aka a \"double fetch\" vulnerability.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.67-60.27.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2016-6480","url":"https://www.suse.com/security/cve/CVE-2016-6480"},{"category":"external","summary":"SUSE Bug 1004418 for CVE-2016-6480","url":"https://bugzilla.suse.com/1004418"},{"category":"external","summary":"SUSE Bug 991608 for CVE-2016-6480","url":"https://bugzilla.suse.com/991608"},{"category":"external","summary":"SUSE Bug 991667 for CVE-2016-6480","url":"https://bugzilla.suse.com/991667"},{"category":"external","summary":"SUSE Bug 992568 for CVE-2016-6480","url":"https://bugzilla.suse.com/992568"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.67-60.27.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":5.1,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"},"products":["SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.67-60.27.1.x86_64"]}],"threats":[{"category":"impact","date":"2016-12-30T13:09:04Z","details":"moderate"}],"title":"CVE-2016-6480"},{"cve":"CVE-2016-6828","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2016-6828"}],"notes":[{"category":"general","text":"The tcp_check_send_head function in include/net/tcp.h in the Linux kernel before 4.7.5 does not properly maintain certain SACK state after a failed data copy, which allows local users to cause a denial of service (tcp_xmit_retransmit_queue use-after-free and system crash) via a crafted SACK option.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.67-60.27.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2016-6828","url":"https://www.suse.com/security/cve/CVE-2016-6828"},{"category":"external","summary":"SUSE Bug 1052256 for CVE-2016-6828","url":"https://bugzilla.suse.com/1052256"},{"category":"external","summary":"SUSE Bug 994296 for CVE-2016-6828","url":"https://bugzilla.suse.com/994296"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.67-60.27.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":5.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","version":"3.0"},"products":["SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.67-60.27.1.x86_64"]}],"threats":[{"category":"impact","date":"2016-12-30T13:09:04Z","details":"moderate"}],"title":"CVE-2016-6828"},{"cve":"CVE-2016-7042","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2016-7042"}],"notes":[{"category":"general","text":"The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.67-60.27.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2016-7042","url":"https://www.suse.com/security/cve/CVE-2016-7042"},{"category":"external","summary":"SUSE Bug 1004517 for CVE-2016-7042","url":"https://bugzilla.suse.com/1004517"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.67-60.27.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.2,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.0"},"products":["SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.67-60.27.1.x86_64"]}],"threats":[{"category":"impact","date":"2016-12-30T13:09:04Z","details":"moderate"}],"title":"CVE-2016-7042"},{"cve":"CVE-2016-7097","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2016-7097"}],"notes":[{"category":"general","text":"The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a setxattr call, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.67-60.27.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2016-7097","url":"https://www.suse.com/security/cve/CVE-2016-7097"},{"category":"external","summary":"SUSE Bug 1021258 for CVE-2016-7097","url":"https://bugzilla.suse.com/1021258"},{"category":"external","summary":"SUSE Bug 1052256 for CVE-2016-7097","url":"https://bugzilla.suse.com/1052256"},{"category":"external","summary":"SUSE Bug 870618 for CVE-2016-7097","url":"https://bugzilla.suse.com/870618"},{"category":"external","summary":"SUSE Bug 995968 for CVE-2016-7097","url":"https://bugzilla.suse.com/995968"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.67-60.27.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":4.4,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N","version":"3.0"},"products":["SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.67-60.27.1.x86_64"]}],"threats":[{"category":"impact","date":"2016-12-30T13:09:04Z","details":"low"}],"title":"CVE-2016-7097"},{"cve":"CVE-2016-7425","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2016-7425"}],"notes":[{"category":"general","text":"The arcmsr_iop_message_xfer function in drivers/scsi/arcmsr/arcmsr_hba.c in the Linux kernel through 4.8.2 does not restrict a certain length field, which allows local users to gain privileges or cause a denial of service (heap-based buffer overflow) via an ARCMSR_MESSAGE_WRITE_WQBUFFER control code.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.67-60.27.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2016-7425","url":"https://www.suse.com/security/cve/CVE-2016-7425"},{"category":"external","summary":"SUSE Bug 1115893 for CVE-2016-7425","url":"https://bugzilla.suse.com/1115893"},{"category":"external","summary":"SUSE Bug 999932 for CVE-2016-7425","url":"https://bugzilla.suse.com/999932"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.67-60.27.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.67-60.27.1.x86_64"]}],"threats":[{"category":"impact","date":"2016-12-30T13:09:04Z","details":"moderate"}],"title":"CVE-2016-7425"},{"cve":"CVE-2016-8658","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2016-8658"}],"notes":[{"category":"general","text":"Stack-based buffer overflow in the brcmf_cfg80211_start_ap function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.7.5 allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a long SSID Information Element in a command to a Netlink socket.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.67-60.27.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2016-8658","url":"https://www.suse.com/security/cve/CVE-2016-8658"},{"category":"external","summary":"SUSE Bug 1004462 for CVE-2016-8658","url":"https://bugzilla.suse.com/1004462"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.67-60.27.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.1,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H","version":"3.0"},"products":["SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.67-60.27.1.x86_64","SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.67-60.27.1.noarch","SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.67-60.27.1.x86_64"]}],"threats":[{"category":"impact","date":"2016-12-30T13:09:04Z","details":"moderate"}],"title":"CVE-2016-8658"}]}