{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"important"},"category":"csaf_security_advisory","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"Security update for the Linux Kernel","title":"Title of the patch"},{"category":"description","text":"\n\nThe SUSE Linux Enterprise 12 SP5 kernel was updated.\n\nThe following security bugs were fixed:\n\n- CVE-2020-3702: Fixed a bug which could be triggered with specifically timed and handcrafted traffic and cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure. (bnc#1191193)\n- CVE-2021-3752: Fixed a use after free vulnerability in the Linux kernel's bluetooth module. (bsc#1190023)\n- CVE-2021-40490: Fixed a race condition discovered in the ext4 subsystem that could leat to local priviledge escalation. (bnc#1190159)\n- CVE-2021-3744: Fixed a bug which could allows attackers to cause a denial of service. (bsc#1189884)\n- CVE-2021-3764: Fixed a bug which could allows attackers to cause a denial of service. (bsc#1190534)\n\nThe following non-security bugs were fixed:\n\n- be2net: Fix an error handling path in 'be_probe()' (git-fixes).\n- bnx2x: fix an error code in bnx2x_nic_load() (git-fixes).\n- bnxt_en: Add missing DMA memory barriers (git-fixes).\n- bnxt_en: do not disable an already disabled PCI device (git-fixes).\n- bnxt: disable napi before canceling DIM (bsc#1104745 ).\n- btrfs: prevent rename2 from exchanging a subvol with a directory from different parents (bsc#1190626).\n- clk: at91: clk-generated: Limit the requested rate to our range (git-fixes).\n- clk: kirkwood: Fix a clocking boot regression (git-fixes).\n- crypto: x86/aes-ni-xts - use direct calls to and 4-way stride (bsc#1114648).\n- cxgb4: fix IRQ free race during driver unload (git-fixes).\n- debugfs: Return error during {full/open}_proxy_open() on rmmod (bsc#1173746).\n- docs: Fix infiniband uverbs minor number (git-fixes).\n- drm/gma500: Fix end of loop tests for list_for_each_entry (bsc#1129770) Backporting changes: \t* refresh\n- drm/imx: ipuv3-plane: Remove two unnecessary export symbols (bsc#1129770) Backporting changes: \t* refreshed\n- drm/mediatek: Add AAL output size configuration (bsc#1129770) Backporting changes: \t* adapted code to use writel() function\n- drm/msm: Small msm_gem_purge() fix (bsc#1129770) Backporting changes: \t* context changes in msm_gem_purge() \t* remove test for non-existant msm_gem_is_locked()\n- drm/msm/dsi: Fix some reference counted resource leaks (bsc#1129770)\n- drm/qxl: lost qxl_bo_kunmap_atomic_page in qxl_image_init_helper() (bsc#1186785).\n- drm/rockchip: cdn-dp: fix sign extension on an int multiply for a u64 (bsc#1129770) Backporting changes \t* context changes\n- dt-bindings: pwm: stm32: Add #pwm-cells (git-fixes).\n- e1000e: Do not take care about recovery NVM checksum (bsc#1158533).\n- e1000e: Fix an error handling path in 'e1000_probe()' (git-fixes).\n- e1000e: Fix the max snoop/no-snoop latency for 10M (git-fixes).\n- EDAC/i10nm: Fix NVDIMM detection (bsc#1114648).\n- fbmem: add margin check to fb_check_caps() (bsc#1129770) Backporting changes: \t* context chacnges in fb_set_var()\n- Fix build warnings. Also align code location with later codestreams and improve bisectability.\n- fm10k: Fix an error handling path in 'fm10k_probe()' (git-fixes).\n- fs/select: avoid clang stack usage warning (git-fixes).\n- fuse: truncate pagecache on atomic_o_trunc (bsc#1191051).\n- gve: fix the wrong AdminQ buffer overflow check (bsc#1176940).\n- hv_netvsc: Make netvsc/VF binding check both MAC and serial number (jsc#SLE-18779, bsc#1185727).\n- hv: mana: adjust mana_select_queue to old API (jsc#SLE-18779, bsc#1185727).\n- hv: mana: remove netdev_lockdep_set_classes usage (jsc#SLE-18779, bsc#1185727).\n- i40e: Add additional info to PHY type error (git-fixes).\n- i40e: Fix autoneg disabling for non-10GBaseT links (git-fixes).\n- i40e: Fix error handling in i40e_vsi_open (git-fixes).\n- i40e: Fix log TC creation failure when max num of queues is exceeded (bsc#1109837 bsc#1111981).\n- i40e: Fix logic of disabling queues (git-fixes).\n- iavf: Fix an error handling path in 'iavf_probe()' (git-fixes).\n- iavf: Set RSS LUT and key in reset handle path (git-fixes).\n- ibmvnic: check failover_pending in login response (bsc#1190523 ltc#194510).\n- ice: Prevent probing virtual functions (bsc#1118661 ).\n- igb: Check if num of q_vectors is smaller than max before array access (git-fixes).\n- igb: Fix an error handling path in 'igb_probe()' (git-fixes).\n- igb: Fix use-after-free error during reset (git-fixes).\n- ipc: remove memcg accounting for sops objects in do_semtimedop() (bsc#1190115).\n- irqchip/gic-v2: Reset APRn registers at boot time (bsc#1189407).\n- irqchip/gic-v3: Do not try to reset AP0Rn (bsc#1189407).\n- irqchip/gic-v3: Reset APgRn registers at boot time (bsc#1189407).\n- ixgbe: Fix an error handling path in 'ixgbe_probe()' (git-fixes).\n- kdb: do a sanity check on the cpu in kdb_per_cpu() (git-fixes).\n- KVM: x86: Use kernel's x86_phys_bits to handle reduced MAXPHYADDR (bsc#1114648).\n- liquidio: Fix unintentional sign extension issue on left shift of u16 (git-fixes).\n- mailbox: sti: quieten kernel-doc warnings (git-fixes).\n- mlx4: Fix missing error code in mlx4_load_one() (git-fixes).\n- net: linkwatch: fix failure to restore device state across suspend/resume (bsc#1109837).\n- net: mana: Add a driver for Microsoft Azure Network Adapter (MANA) (jsc#SLE-18779, bsc#1185727).\n- net: mana: Add support for EQ sharing (jsc#SLE-18779, bsc#1185727).\n- net: mana: Add WARN_ON_ONCE in case of CQE read overflow (jsc#SLE-18779, bsc#1185727).\n- net: mana: Fix a memory leak in an error handling path in (jsc#SLE-18779, bsc#1185727).\n- net: mana: fix PCI_HYPERV dependency (jsc#SLE-18779, bsc#1185727).\n- net: mana: Move NAPI from EQ to CQ (jsc#SLE-18779, bsc#1185727).\n- net: mana: Prefer struct_size over open coded arithmetic (jsc#SLE-18779, bsc#1185727).\n- net: mana: remove redundant initialization of variable err (jsc#SLE-18779, bsc#1185727).\n- net: mana: Use int to check the return value of mana_gd_poll_cq() (jsc#SLE-18779, bsc#1185727).\n- net: mana: Use struct_size() in kzalloc() (jsc#SLE-18779, bsc#1185727).\n- net: pch_gbe: Propagate error from devm_gpio_request_one() (git-fixes).\n- net: qed: fix left elements count calculation (git-fixes).\n- net: qlcnic: add missed unlock in qlcnic_83xx_flash_read32 (git-fixes).\n- net: sched: cls_api: Fix the the wrong parameter (bsc#1109837).\n- net: sched: Fix qdisc_rate_table refcount leak when get tcf_block failed (bsc#1056657 bsc#1056653 bsc#1056787).\n- net: sched: sch_teql: fix null-pointer dereference (bsc#1190717).\n- pinctrl: samsung: Fix pinctrl bank pin count (git-fixes).\n- powerpc: fix function annotations to avoid section mismatch warnings with gcc-10 (bsc#1148868).\n- powerpc/drmem: Make LMB walk a bit more flexible (bsc#1190543 ltc#194523).\n- powerpc/mm: Fix section mismatch warning (bsc#1148868).\n- powerpc/mm: Fix section mismatch warning in early_check_vec5() (bsc#1148868).\n- powerpc/mm/radix: Free PUD table when freeing pagetable (bsc#1065729).\n- powerpc/numa: Early request for home node associativity (bsc#1190914).\n- powerpc/perf: Drop the case of returning 0 as instruction pointer (bsc#1065729).\n- powerpc/perf: Fix crash in perf_instruction_pointer() when ppmu is not set (bsc#1065729).\n- powerpc/perf: Fix the check for SIAR value (bsc#1065729).\n- powerpc/perf: Use regs->nip when SIAR is zero (bsc#1065729).\n- powerpc/perf: Use stack siar instead of mfspr (bsc#1065729).\n- powerpc/perf: Use the address from SIAR register to set cpumode flags (bsc#1065729).\n- powerpc/perf/hv-gpci: Fix counter value parsing (bsc#1065729).\n- powerpc/powernv: Fix machine check reporting of async store errors (bsc#1065729).\n- powerpc/pseries: Move mm/book3s64/vphn.c under platforms/pseries/ (bsc#1190914).\n- powerpc/pseries: Prevent free CPU ids being reused on another node (bsc#1190620 ltc#194498).\n- powerpc/pseries/dlpar: use rtas_get_sensor() (bsc#1065729).\n- profiling: fix shift-out-of-bounds bugs (git-fixes).\n- pseries/drmem: update LMBs after LPM (bsc#1190543 ltc#194523).\n- qlcnic: Remove redundant unlock in qlcnic_pinit_from_rom (git-fixes).\n- RDMA/bnxt_re: Add missing spin lock initialization (bsc#1050244 ).\n- RDMA/efa: Be consistent with modify QP bitmask (git-fixes)\n- RDMA/efa: Use the correct current and new states in modify QP (git-fixes)\n- resource: Fix find_next_iomem_res() iteration issue (bsc#1181193).\n- s390: bpf: implement jitting of BPF_ALU | BPF_ARSH | BPF_* (bsc#1190601).\n- s390/bpf: Fix 64-bit subtraction of the -0x80000000 constant (bsc#1190601).\n- s390/bpf: Fix branch shortening during codegen pass (bsc#1190601).\n- s390/bpf: Fix optimizing out zero-extensions (bsc#1190601).\n- s390/bpf: Wrap JIT macro parameter usages in parentheses (bsc#1190601).\n- s390/unwind: use current_frame_address() to unwind current task (bsc#1185677).\n- scsi: core: Add helper to return number of logical blocks in a request (bsc#1190576).\n- scsi: core: Introduce the scsi_cmd_to_rq() function (bsc#1190576).\n- scsi: fc: Add EDC ELS definition (bsc#1190576).\n- scsi: fc: Update formal FPIN descriptor definitions (bsc#1190576).\n- scsi: lpfc: Add bsg support for retrieving adapter cmf data (bsc#1190576).\n- scsi: lpfc: Add cm statistics buffer support (bsc#1190576).\n- scsi: lpfc: Add cmf_info sysfs entry (bsc#1190576).\n- scsi: lpfc: Add cmfsync WQE support (bsc#1190576).\n- scsi: lpfc: Add debugfs support for cm framework buffers (bsc#1190576).\n- scsi: lpfc: Add EDC ELS support (bsc#1190576).\n- scsi: lpfc: Add MIB feature enablement support (bsc#1190576).\n- scsi: lpfc: Add rx monitoring statistics (bsc#1190576).\n- scsi: lpfc: Add SET_HOST_DATA mbox cmd to pass date/time info to firmware (bsc#1190576).\n- scsi: lpfc: Add support for cm enablement buffer (bsc#1190576).\n- scsi: lpfc: Add support for maintaining the cm statistics buffer (bsc#1190576).\n- scsi: lpfc: Add support for the CM framework (bsc#1190576).\n- scsi: lpfc: Adjust bytes received vales during cmf timer interval (bsc#1190576).\n- scsi: lpfc: Copyright updates for 14.0.0.1 patches (bsc#1190576).\n- scsi: lpfc: Do not release final kref on Fport node while ABTS outstanding (bsc#1190576).\n- scsi: lpfc: Do not remove ndlp on PRLI errors in P2P mode (bsc#1190576).\n- scsi: lpfc: Expand FPIN and RDF receive logging (bsc#1190576).\n- scsi: lpfc: Fix compilation errors on kernels with no CONFIG_DEBUG_FS (bsc#1190576).\n- scsi: lpfc: Fix CPU to/from endian warnings introduced by ELS processing (bsc#1190576).\n- scsi: lpfc: Fix EEH support for NVMe I/O (bsc#1190576).\n- scsi: lpfc: Fix FCP I/O flush functionality for TMF routines (bsc#1190576).\n- scsi: lpfc: Fix gcc -Wstringop-overread warning, again (bsc#1190576).\n- scsi: lpfc: Fix hang on unload due to stuck fport node (bsc#1190576).\n- scsi: lpfc: Fix I/O block after enabling managed congestion mode (bsc#1190576).\n- scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq() (bsc#1190576).\n- scsi: lpfc: Fix NVMe I/O failover to non-optimized path (bsc#1190576).\n- scsi: lpfc: Fix premature rpi release for unsolicited TPLS and LS_RJT (bsc#1190576).\n- scsi: lpfc: Fix rediscovery of tape device after LIP (bsc#1190576).\n- scsi: lpfc: Fix sprintf() overflow in lpfc_display_fpin_wwpn() (bsc#1190576).\n- scsi: lpfc: Improve PBDE checks during SGL processing (bsc#1190576).\n- scsi: lpfc: Remove unneeded variable (bsc#1190576).\n- scsi: lpfc: Update lpfc version to 14.0.0.1 (bsc#1190576).\n- scsi: lpfc: Update lpfc version to 14.0.0.2 (bsc#1190576).\n- scsi: lpfc: Use correct scnprintf() limit (bsc#1190576).\n- scsi: lpfc: Use scsi_cmd_to_rq() instead of scsi_cmnd.request (bsc#1190576).\n- scsi: lpfc: Use the proper SCSI midlayer interfaces for PI (bsc#1190576).\n- scsi: lpfc: Zero CGN stats only during initial driver load and stat reset (bsc#1190576).\n- scsi: scsi_devinfo: Add blacklist entry for HPE OPEN-V (bsc#1189297).\n- SUNRPC: Ensure to ratelimit the 'server not responding' syslog messages (bsc#1191136).\n- USB: musb: tusb6010: uninitialized data in tusb_fifo_write_unaligned() (git-fixes).\n- USB: serial: option: add new VID/PID to support Fibocom FG150 (git-fixes).\n- USB: serial: option: remove duplicate USB device ID (git-fixes).\n- video: fbdev: imxfb: Fix an error message (bsc#1129770) Backporting changes: \t* context changes in imxfb_probe()\n- x86/apic/msi: Plug non-maskable MSI affinity race (bsc#1184439).\n- x86/crash: Add e820 reserved ranges to kdump kernel's e820 table (bsc#1181193).\n- x86/e820, ioport: Add a new I/O resource descriptor IORES_DESC_RESERVED (bsc#1181193).\n- x86/mm: Fix kern_addr_valid() to cope with existing but not present entries (bsc#1114648).\n- x86/mm: Rework ioremap resource mapping determination (bsc#1181193).\n- x86/resctrl: Fix a maybe-uninitialized build warning treated as error (bsc#1114648).\n- x86/resctrl: Fix default monitoring groups reporting (bsc#1114648).\n- xgene-v2: Fix a resource leak in the error handling path of 'xge_probe()' (git-fixes).\n","title":"Description of the patch"},{"category":"details","text":"SUSE-2021-3389,SUSE-SLE-SERVER-12-SP5-2021-3389","title":"Patchnames"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"SUSE ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"self","summary":"URL of this CSAF notice","url":"https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_3389-1.json"},{"category":"self","summary":"URL for SUSE-SU-2021:3389-1","url":"https://www.suse.com/support/update/announcement/2021/suse-su-20213389-1/"},{"category":"self","summary":"E-Mail link for SUSE-SU-2021:3389-1","url":"https://lists.suse.com/pipermail/sle-updates/2021-October/020461.html"},{"category":"self","summary":"SUSE Bug 1050244","url":"https://bugzilla.suse.com/1050244"},{"category":"self","summary":"SUSE Bug 1056653","url":"https://bugzilla.suse.com/1056653"},{"category":"self","summary":"SUSE Bug 1056657","url":"https://bugzilla.suse.com/1056657"},{"category":"self","summary":"SUSE Bug 1056787","url":"https://bugzilla.suse.com/1056787"},{"category":"self","summary":"SUSE Bug 1065729","url":"https://bugzilla.suse.com/1065729"},{"category":"self","summary":"SUSE Bug 1104745","url":"https://bugzilla.suse.com/1104745"},{"category":"self","summary":"SUSE Bug 1109837","url":"https://bugzilla.suse.com/1109837"},{"category":"self","summary":"SUSE Bug 1111981","url":"https://bugzilla.suse.com/1111981"},{"category":"self","summary":"SUSE Bug 1114648","url":"https://bugzilla.suse.com/1114648"},{"category":"self","summary":"SUSE Bug 1118661","url":"https://bugzilla.suse.com/1118661"},{"category":"self","summary":"SUSE Bug 1129770","url":"https://bugzilla.suse.com/1129770"},{"category":"self","summary":"SUSE Bug 1148868","url":"https://bugzilla.suse.com/1148868"},{"category":"self","summary":"SUSE Bug 1158533","url":"https://bugzilla.suse.com/1158533"},{"category":"self","summary":"SUSE Bug 1173746","url":"https://bugzilla.suse.com/1173746"},{"category":"self","summary":"SUSE Bug 1176940","url":"https://bugzilla.suse.com/1176940"},{"category":"self","summary":"SUSE Bug 1181193","url":"https://bugzilla.suse.com/1181193"},{"category":"self","summary":"SUSE Bug 1184439","url":"https://bugzilla.suse.com/1184439"},{"category":"self","summary":"SUSE Bug 1185677","url":"https://bugzilla.suse.com/1185677"},{"category":"self","summary":"SUSE Bug 1185727","url":"https://bugzilla.suse.com/1185727"},{"category":"self","summary":"SUSE Bug 1186785","url":"https://bugzilla.suse.com/1186785"},{"category":"self","summary":"SUSE Bug 1189297","url":"https://bugzilla.suse.com/1189297"},{"category":"self","summary":"SUSE Bug 1189407","url":"https://bugzilla.suse.com/1189407"},{"category":"self","summary":"SUSE Bug 1189884","url":"https://bugzilla.suse.com/1189884"},{"category":"self","summary":"SUSE Bug 1190023","url":"https://bugzilla.suse.com/1190023"},{"category":"self","summary":"SUSE Bug 1190115","url":"https://bugzilla.suse.com/1190115"},{"category":"self","summary":"SUSE Bug 1190159","url":"https://bugzilla.suse.com/1190159"},{"category":"self","summary":"SUSE Bug 1190432","url":"https://bugzilla.suse.com/1190432"},{"category":"self","summary":"SUSE Bug 1190523","url":"https://bugzilla.suse.com/1190523"},{"category":"self","summary":"SUSE Bug 1190534","url":"https://bugzilla.suse.com/1190534"},{"category":"self","summary":"SUSE Bug 1190543","url":"https://bugzilla.suse.com/1190543"},{"category":"self","summary":"SUSE Bug 1190576","url":"https://bugzilla.suse.com/1190576"},{"category":"self","summary":"SUSE Bug 1190601","url":"https://bugzilla.suse.com/1190601"},{"category":"self","summary":"SUSE Bug 1190620","url":"https://bugzilla.suse.com/1190620"},{"category":"self","summary":"SUSE Bug 1190626","url":"https://bugzilla.suse.com/1190626"},{"category":"self","summary":"SUSE Bug 1190717","url":"https://bugzilla.suse.com/1190717"},{"category":"self","summary":"SUSE Bug 1190914","url":"https://bugzilla.suse.com/1190914"},{"category":"self","summary":"SUSE Bug 1191051","url":"https://bugzilla.suse.com/1191051"},{"category":"self","summary":"SUSE Bug 1191136","url":"https://bugzilla.suse.com/1191136"},{"category":"self","summary":"SUSE Bug 1191193","url":"https://bugzilla.suse.com/1191193"},{"category":"self","summary":"SUSE CVE CVE-2020-3702 page","url":"https://www.suse.com/security/cve/CVE-2020-3702/"},{"category":"self","summary":"SUSE CVE CVE-2021-3744 page","url":"https://www.suse.com/security/cve/CVE-2021-3744/"},{"category":"self","summary":"SUSE CVE CVE-2021-3752 page","url":"https://www.suse.com/security/cve/CVE-2021-3752/"},{"category":"self","summary":"SUSE CVE CVE-2021-3764 page","url":"https://www.suse.com/security/cve/CVE-2021-3764/"},{"category":"self","summary":"SUSE CVE CVE-2021-40490 page","url":"https://www.suse.com/security/cve/CVE-2021-40490/"}],"title":"Security update for the Linux Kernel","tracking":{"current_release_date":"2021-10-12T16:26:03Z","generator":{"date":"2021-10-12T16:26:03Z","engine":{"name":"cve-database.git:bin/generate-csaf.pl","version":"1"}},"id":"SUSE-SU-2021:3389-1","initial_release_date":"2021-10-12T16:26:03Z","revision_history":[{"date":"2021-10-12T16:26:03Z","number":"1","summary":"Current version"}],"status":"final","version":"1"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_version","name":"kernel-devel-azure-4.12.14-16.76.2.noarch","product":{"name":"kernel-devel-azure-4.12.14-16.76.2.noarch","product_id":"kernel-devel-azure-4.12.14-16.76.2.noarch"}},{"category":"product_version","name":"kernel-source-azure-4.12.14-16.76.2.noarch","product":{"name":"kernel-source-azure-4.12.14-16.76.2.noarch","product_id":"kernel-source-azure-4.12.14-16.76.2.noarch"}}],"category":"architecture","name":"noarch"},{"branches":[{"category":"product_version","name":"cluster-md-kmp-azure-4.12.14-16.76.2.x86_64","product":{"name":"cluster-md-kmp-azure-4.12.14-16.76.2.x86_64","product_id":"cluster-md-kmp-azure-4.12.14-16.76.2.x86_64"}},{"category":"product_version","name":"dlm-kmp-azure-4.12.14-16.76.2.x86_64","product":{"name":"dlm-kmp-azure-4.12.14-16.76.2.x86_64","product_id":"dlm-kmp-azure-4.12.14-16.76.2.x86_64"}},{"category":"product_version","name":"gfs2-kmp-azure-4.12.14-16.76.2.x86_64","product":{"name":"gfs2-kmp-azure-4.12.14-16.76.2.x86_64","product_id":"gfs2-kmp-azure-4.12.14-16.76.2.x86_64"}},{"category":"product_version","name":"kernel-azure-4.12.14-16.76.2.x86_64","product":{"name":"kernel-azure-4.12.14-16.76.2.x86_64","product_id":"kernel-azure-4.12.14-16.76.2.x86_64"}},{"category":"product_version","name":"kernel-azure-base-4.12.14-16.76.2.x86_64","product":{"name":"kernel-azure-base-4.12.14-16.76.2.x86_64","product_id":"kernel-azure-base-4.12.14-16.76.2.x86_64"}},{"category":"product_version","name":"kernel-azure-devel-4.12.14-16.76.2.x86_64","product":{"name":"kernel-azure-devel-4.12.14-16.76.2.x86_64","product_id":"kernel-azure-devel-4.12.14-16.76.2.x86_64"}},{"category":"product_version","name":"kernel-azure-extra-4.12.14-16.76.2.x86_64","product":{"name":"kernel-azure-extra-4.12.14-16.76.2.x86_64","product_id":"kernel-azure-extra-4.12.14-16.76.2.x86_64"}},{"category":"product_version","name":"kernel-azure-kgraft-devel-4.12.14-16.76.2.x86_64","product":{"name":"kernel-azure-kgraft-devel-4.12.14-16.76.2.x86_64","product_id":"kernel-azure-kgraft-devel-4.12.14-16.76.2.x86_64"}},{"category":"product_version","name":"kernel-syms-azure-4.12.14-16.76.2.x86_64","product":{"name":"kernel-syms-azure-4.12.14-16.76.2.x86_64","product_id":"kernel-syms-azure-4.12.14-16.76.2.x86_64"}},{"category":"product_version","name":"kselftests-kmp-azure-4.12.14-16.76.2.x86_64","product":{"name":"kselftests-kmp-azure-4.12.14-16.76.2.x86_64","product_id":"kselftests-kmp-azure-4.12.14-16.76.2.x86_64"}},{"category":"product_version","name":"ocfs2-kmp-azure-4.12.14-16.76.2.x86_64","product":{"name":"ocfs2-kmp-azure-4.12.14-16.76.2.x86_64","product_id":"ocfs2-kmp-azure-4.12.14-16.76.2.x86_64"}}],"category":"architecture","name":"x86_64"},{"branches":[{"category":"product_name","name":"SUSE Linux Enterprise Server 12 SP5","product":{"name":"SUSE Linux Enterprise Server 12 SP5","product_id":"SUSE Linux Enterprise Server 12 SP5","product_identification_helper":{"cpe":"cpe:/o:suse:sles:12:sp5"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server for SAP Applications 12 SP5","product":{"name":"SUSE Linux Enterprise Server for SAP Applications 12 SP5","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP5","product_identification_helper":{"cpe":"cpe:/o:suse:sles_sap:12:sp5"}}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"kernel-azure-4.12.14-16.76.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP5","product_id":"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.76.2.x86_64"},"product_reference":"kernel-azure-4.12.14-16.76.2.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"kernel-azure-base-4.12.14-16.76.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP5","product_id":"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.76.2.x86_64"},"product_reference":"kernel-azure-base-4.12.14-16.76.2.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"kernel-azure-devel-4.12.14-16.76.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP5","product_id":"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.76.2.x86_64"},"product_reference":"kernel-azure-devel-4.12.14-16.76.2.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"kernel-devel-azure-4.12.14-16.76.2.noarch as component of SUSE Linux Enterprise Server 12 SP5","product_id":"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.76.2.noarch"},"product_reference":"kernel-devel-azure-4.12.14-16.76.2.noarch","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"kernel-source-azure-4.12.14-16.76.2.noarch as component of SUSE Linux Enterprise Server 12 SP5","product_id":"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.76.2.noarch"},"product_reference":"kernel-source-azure-4.12.14-16.76.2.noarch","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"kernel-syms-azure-4.12.14-16.76.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP5","product_id":"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.76.2.x86_64"},"product_reference":"kernel-syms-azure-4.12.14-16.76.2.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"kernel-azure-4.12.14-16.76.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.76.2.x86_64"},"product_reference":"kernel-azure-4.12.14-16.76.2.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"kernel-azure-base-4.12.14-16.76.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.76.2.x86_64"},"product_reference":"kernel-azure-base-4.12.14-16.76.2.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"kernel-azure-devel-4.12.14-16.76.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.76.2.x86_64"},"product_reference":"kernel-azure-devel-4.12.14-16.76.2.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"kernel-devel-azure-4.12.14-16.76.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.76.2.noarch"},"product_reference":"kernel-devel-azure-4.12.14-16.76.2.noarch","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"kernel-source-azure-4.12.14-16.76.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.76.2.noarch"},"product_reference":"kernel-source-azure-4.12.14-16.76.2.noarch","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"kernel-syms-azure-4.12.14-16.76.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.76.2.x86_64"},"product_reference":"kernel-syms-azure-4.12.14-16.76.2.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12 SP5"}]},"vulnerabilities":[{"cve":"CVE-2020-3702","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-3702"}],"notes":[{"category":"general","text":"u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MSM8909W, MSM8996AU, QCA9531, QCN5502, QCS405, SDX20, SM6150, SM7150","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.76.2.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-3702","url":"https://www.suse.com/security/cve/CVE-2020-3702"},{"category":"external","summary":"SUSE Bug 1191193 for CVE-2020-3702","url":"https://bugzilla.suse.com/1191193"},{"category":"external","summary":"SUSE Bug 1191529 for CVE-2020-3702","url":"https://bugzilla.suse.com/1191529"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.76.2.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.5,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","version":"3.1"},"products":["SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.76.2.x86_64"]}],"threats":[{"category":"impact","date":"2021-10-12T16:26:03Z","details":"important"}],"title":"CVE-2020-3702"},{"cve":"CVE-2021-3744","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-3744"}],"notes":[{"category":"general","text":"A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). This vulnerability is similar with the older CVE-2019-18808.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.76.2.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-3744","url":"https://www.suse.com/security/cve/CVE-2021-3744"},{"category":"external","summary":"SUSE Bug 1189884 for CVE-2021-3744","url":"https://bugzilla.suse.com/1189884"},{"category":"external","summary":"SUSE Bug 1190534 for CVE-2021-3744","url":"https://bugzilla.suse.com/1190534"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.76.2.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":5.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","version":"3.1"},"products":["SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.76.2.x86_64"]}],"threats":[{"category":"impact","date":"2021-10-12T16:26:03Z","details":"moderate"}],"title":"CVE-2021-3744"},{"cve":"CVE-2021-3752","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-3752"}],"notes":[{"category":"general","text":"A use-after-free flaw was found in the Linux kernel's Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.76.2.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-3752","url":"https://www.suse.com/security/cve/CVE-2021-3752"},{"category":"external","summary":"SUSE Bug 1190023 for CVE-2021-3752","url":"https://bugzilla.suse.com/1190023"},{"category":"external","summary":"SUSE Bug 1190432 for CVE-2021-3752","url":"https://bugzilla.suse.com/1190432"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.76.2.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.4,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.76.2.x86_64"]}],"threats":[{"category":"impact","date":"2021-10-12T16:26:03Z","details":"important"}],"title":"CVE-2021-3752"},{"cve":"CVE-2021-3764","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-3764"}],"notes":[{"category":"general","text":"A memory leak flaw was found in the Linux kernel's ccp_run_aes_gcm_cmd() function that allows an attacker to cause a denial of service. The vulnerability is similar to the older CVE-2019-18808. The highest threat from this vulnerability is to system availability.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.76.2.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-3764","url":"https://www.suse.com/security/cve/CVE-2021-3764"},{"category":"external","summary":"SUSE Bug 1190534 for CVE-2021-3764","url":"https://bugzilla.suse.com/1190534"},{"category":"external","summary":"SUSE Bug 1194518 for CVE-2021-3764","url":"https://bugzilla.suse.com/1194518"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.76.2.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":5.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","version":"3.1"},"products":["SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.76.2.x86_64"]}],"threats":[{"category":"impact","date":"2021-10-12T16:26:03Z","details":"moderate"}],"title":"CVE-2021-3764"},{"cve":"CVE-2021-40490","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-40490"}],"notes":[{"category":"general","text":"A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.76.2.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-40490","url":"https://www.suse.com/security/cve/CVE-2021-40490"},{"category":"external","summary":"SUSE Bug 1190159 for CVE-2021-40490","url":"https://bugzilla.suse.com/1190159"},{"category":"external","summary":"SUSE Bug 1192775 for CVE-2021-40490","url":"https://bugzilla.suse.com/1192775"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.76.2.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.1,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.76.2.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.76.2.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.76.2.x86_64"]}],"threats":[{"category":"impact","date":"2021-10-12T16:26:03Z","details":"moderate"}],"title":"CVE-2021-40490"}]}