{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"important"},"category":"csaf_security_advisory","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"Security update for the Linux Kernel","title":"Title of the patch"},{"category":"description","text":"\nThe SUSE Linux Enterprise 12 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2018-1068: Fixed flaw in the implementation of 32-bit syscall interface\n  for bridging. This allowed a privileged user to arbitrarily write to a limited\n  range of kernel memory (bnc#1085107).\n- CVE-2017-18221: The __munlock_pagevec function allowed local users to cause a\n  denial of service (NR_MLOCK accounting corruption) via crafted use of mlockall\n  and munlockall system calls (bnc#1084323).\n- CVE-2018-1066: Prevent NULL pointer dereference in\n  fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() that allowed an attacker controlling a\n  CIFS server to kernel panic a client that has this server mounted, because an\n  empty TargetInfo field in an NTLMSSP setup negotiation response was mishandled\n  during session recovery (bnc#1083640).\n- CVE-2017-13166: Prevent elevation of privilege vulnerability in the kernel\n  v4l2 video driver (bnc#1072865).\n- CVE-2017-16911: The vhci_hcd driver allowed local attackers to disclose\n  kernel memory addresses. Successful exploitation required that a USB device was\n  attached over IP (bnc#1078674).\n- CVE-2017-15299: The KEYS subsystem mishandled use of add_key for a key that\n  already exists but is uninstantiated, which allowed local users to cause a\n  denial of service (NULL pointer dereference and system crash) or possibly have\n  unspecified other impact via a crafted system call (bnc#1063416).\n- CVE-2017-18208: The madvise_willneed function kernel allowed local users to\n  cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED\n  for a DAX mapping (bnc#1083494).\n- CVE-2018-7566: The ALSA sequencer core initializes the event pool on demand\n  by invoking snd_seq_pool_init() when the first write happens and the pool is\n  empty. A user could have reset the pool size manually via ioctl concurrently,\n  which may have lead UAF or out-of-bound access (bsc#1083483).\n- CVE-2017-18204: The ocfs2_setattr function allowed local users to cause a\n  denial of service (deadlock) via DIO requests (bnc#1083244).\n- CVE-2017-16644: The hdpvr_probe function allowed local users to cause a\n  denial of service (improper error handling and system crash) or possibly have\n  unspecified other impact via a crafted USB device (bnc#1067118).\n- CVE-2018-6927: The futex_requeue function allowed attackers to cause a denial\n  of service (integer overflow) or possibly have unspecified other impact by\n  triggering a negative wake or requeue value (bnc#1080757).\n- CVE-2017-16914: The 'stub_send_ret_submit()' function allowed attackers to\n  cause a denial of service (NULL pointer dereference) via a specially crafted\n  USB over IP packet (bnc#1078669).\n- CVE-2016-7915: The hid_input_field function allowed physically proximate\n  attackers to obtain sensitive information from kernel memory or cause a denial\n  of service (out-of-bounds read) by connecting a device (bnc#1010470).\n- CVE-2017-12190: The bio_map_user_iov and bio_unmap_user functions did\n  unbalanced refcounting when a SCSI I/O vector had small consecutive buffers\n  belonging to the same page. The bio_add_pc_page function merged them into one,\n  but the page reference was never dropped. This caused a memory leak and\n  possible system lockup (exploitable against the host OS by a guest OS user, if\n  a SCSI disk is passed through to a virtual machine) due to an out-of-memory\n  condition (bnc#1062568).\n- CVE-2017-16912: The 'get_pipe()' function allowed attackers to cause a denial\n  of service (out-of-bounds read) via a specially crafted USB over IP packet\n  (bnc#1078673).\n- CVE-2017-16913: The 'stub_recv_cmd_submit()' function when handling\n  CMD_SUBMIT packets allowed attackers to cause a denial of service (arbitrary\n  memory allocation) via a specially crafted USB over IP packet (bnc#1078672).\n- CVE-2018-5332: The rds_message_alloc_sgs() function did not validate a value\n  that is used during DMA page allocation, leading to a heap-based out-of-bounds\n  write (related to the rds_rdma_extra_size function in net/rds/rdma.c)\n  (bnc#1075621).\n- CVE-2018-5333: The rds_cmsg_atomic function in net/rds/rdma.c mishandled\n  cases where page pinning fails or an invalid address is supplied, leading to an\n  rds_atomic_free_op NULL pointer dereference (bnc#1075617).\n- CVE-2017-18017: The tcpmss_mangle_packet function allowed remote attackers to\n  cause a denial of service (use-after-free and memory corruption) or possibly\n  have unspecified other impact by leveraging the presence of xt_TCPMSS in an\n  iptables action (bnc#1074488).\n\nThe following non-security bugs were fixed:\n\n- Fix build on arm64 by defining empty gmb() (bnc#1068032).\n- KEYS: do not let add_key() update an uninstantiated key (bnc#1063416).\n- KEYS: fix writing past end of user-supplied buffer in keyring_read() (bsc#1066001).\n- KEYS: return full count in keyring_read() if buffer is too small (bsc#1066001).\n- include/stddef.h: Move offsetofend() from vfio.h to a generic kernel header (bsc#1077560).\n- ipc/msg: introduce msgctl(MSG_STAT_ANY) (bsc#1072689).\n- ipc/sem: introduce semctl(SEM_STAT_ANY) (bsc#1072689).\n- ipc/shm: introduce shmctl(SHM_STAT_ANY) (bsc#1072689).\n- x86/kaiser: use trampoline stack for kernel entry (bsc#1077560)\n- leds: do not overflow sysfs buffer in led_trigger_show (bsc#1080464).\n- livepatch: __kgr_shadow_get_or_alloc() is local to shadow.c. Shadow variables support (bsc#1082299).\n- livepatch: introduce shadow variable API. Shadow variables support (bsc#1082299)\n- media: v4l2-compat-ioctl32.c: add missing VIDIOC_PREPARE_BUF (bnc#1012382).\n- media: v4l2-compat-ioctl32.c: avoid sizeof(type) (bnc#1012382).\n- media: v4l2-compat-ioctl32.c: copy clip list in put_v4l2_window32 (bnc#1012382).\n- media: v4l2-compat-ioctl32.c: copy m.userptr in put_v4l2_plane32 (bnc#1012382).\n- media: v4l2-compat-ioctl32.c: do not copy back the result for certain errors (bnc#1012382).\n- media: v4l2-compat-ioctl32.c: drop pr_info for unknown buffer type (bnc#1012382).\n- media: v4l2-compat-ioctl32.c: fix the indentation (bnc#1012382).\n- media: v4l2-compat-ioctl32.c: move 'helper' functions to __get/put_v4l2_format32 (bnc#1012382).\n- media: v4l2-compat-ioctl32: Copy v4l2_window->global_alpha (bnc#1012382).\n- media: v4l2-ioctl.c: do not copy back the result for -ENOTTY (bnc#1012382).\n- netfilter: ebtables: CONFIG_COMPAT: do not trust userland offsets (bsc#1085107).\n- netfilter: ebtables: fix erroneous reject of last rule (bsc#1085107).\n- packet: only call dev_add_pack() on freshly allocated fanout instances\n- pipe: cap initial pipe capacity according to pipe-max-size limit (bsc#1045330).\n- x86/espfix: Fix return stack in do_double_fault() (bsc#1085279).\n","title":"Description of the patch"},{"category":"details","text":"SUSE-SLE-Module-Public-Cloud-12-2018-558,SUSE-SLE-SERVER-12-2018-558","title":"Patchnames"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"SUSE ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"self","summary":"URL of this CSAF notice","url":"https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_0834-1.json"},{"category":"self","summary":"URL for SUSE-SU-2018:0834-1","url":"https://www.suse.com/support/update/announcement/2018/suse-su-20180834-1/"},{"category":"self","summary":"E-Mail link for SUSE-SU-2018:0834-1","url":"https://lists.suse.com/pipermail/sle-security-updates/2018-March/003850.html"},{"category":"self","summary":"SUSE Bug 1010470","url":"https://bugzilla.suse.com/1010470"},{"category":"self","summary":"SUSE Bug 1012382","url":"https://bugzilla.suse.com/1012382"},{"category":"self","summary":"SUSE Bug 1045330","url":"https://bugzilla.suse.com/1045330"},{"category":"self","summary":"SUSE Bug 1062568","url":"https://bugzilla.suse.com/1062568"},{"category":"self","summary":"SUSE Bug 1063416","url":"https://bugzilla.suse.com/1063416"},{"category":"self","summary":"SUSE Bug 1066001","url":"https://bugzilla.suse.com/1066001"},{"category":"self","summary":"SUSE Bug 1067118","url":"https://bugzilla.suse.com/1067118"},{"category":"self","summary":"SUSE Bug 1068032","url":"https://bugzilla.suse.com/1068032"},{"category":"self","summary":"SUSE Bug 1072689","url":"https://bugzilla.suse.com/1072689"},{"category":"self","summary":"SUSE Bug 1072865","url":"https://bugzilla.suse.com/1072865"},{"category":"self","summary":"SUSE Bug 1074488","url":"https://bugzilla.suse.com/1074488"},{"category":"self","summary":"SUSE Bug 1075617","url":"https://bugzilla.suse.com/1075617"},{"category":"self","summary":"SUSE Bug 1075621","url":"https://bugzilla.suse.com/1075621"},{"category":"self","summary":"SUSE Bug 1077560","url":"https://bugzilla.suse.com/1077560"},{"category":"self","summary":"SUSE Bug 1078669","url":"https://bugzilla.suse.com/1078669"},{"category":"self","summary":"SUSE Bug 1078672","url":"https://bugzilla.suse.com/1078672"},{"category":"self","summary":"SUSE Bug 1078673","url":"https://bugzilla.suse.com/1078673"},{"category":"self","summary":"SUSE Bug 1078674","url":"https://bugzilla.suse.com/1078674"},{"category":"self","summary":"SUSE Bug 1080255","url":"https://bugzilla.suse.com/1080255"},{"category":"self","summary":"SUSE Bug 1080464","url":"https://bugzilla.suse.com/1080464"},{"category":"self","summary":"SUSE Bug 1080757","url":"https://bugzilla.suse.com/1080757"},{"category":"self","summary":"SUSE Bug 1082299","url":"https://bugzilla.suse.com/1082299"},{"category":"self","summary":"SUSE Bug 1083244","url":"https://bugzilla.suse.com/1083244"},{"category":"self","summary":"SUSE Bug 1083483","url":"https://bugzilla.suse.com/1083483"},{"category":"self","summary":"SUSE Bug 1083494","url":"https://bugzilla.suse.com/1083494"},{"category":"self","summary":"SUSE Bug 1083640","url":"https://bugzilla.suse.com/1083640"},{"category":"self","summary":"SUSE Bug 1084323","url":"https://bugzilla.suse.com/1084323"},{"category":"self","summary":"SUSE Bug 1085107","url":"https://bugzilla.suse.com/1085107"},{"category":"self","summary":"SUSE Bug 1085114","url":"https://bugzilla.suse.com/1085114"},{"category":"self","summary":"SUSE Bug 1085279","url":"https://bugzilla.suse.com/1085279"},{"category":"self","summary":"SUSE Bug 1085447","url":"https://bugzilla.suse.com/1085447"},{"category":"self","summary":"SUSE CVE CVE-2016-7915 page","url":"https://www.suse.com/security/cve/CVE-2016-7915/"},{"category":"self","summary":"SUSE CVE CVE-2017-12190 page","url":"https://www.suse.com/security/cve/CVE-2017-12190/"},{"category":"self","summary":"SUSE CVE CVE-2017-13166 page","url":"https://www.suse.com/security/cve/CVE-2017-13166/"},{"category":"self","summary":"SUSE CVE CVE-2017-15299 page","url":"https://www.suse.com/security/cve/CVE-2017-15299/"},{"category":"self","summary":"SUSE CVE CVE-2017-16644 page","url":"https://www.suse.com/security/cve/CVE-2017-16644/"},{"category":"self","summary":"SUSE CVE CVE-2017-16911 page","url":"https://www.suse.com/security/cve/CVE-2017-16911/"},{"category":"self","summary":"SUSE CVE CVE-2017-16912 page","url":"https://www.suse.com/security/cve/CVE-2017-16912/"},{"category":"self","summary":"SUSE CVE CVE-2017-16913 page","url":"https://www.suse.com/security/cve/CVE-2017-16913/"},{"category":"self","summary":"SUSE CVE CVE-2017-16914 page","url":"https://www.suse.com/security/cve/CVE-2017-16914/"},{"category":"self","summary":"SUSE CVE CVE-2017-18017 page","url":"https://www.suse.com/security/cve/CVE-2017-18017/"},{"category":"self","summary":"SUSE CVE CVE-2017-18204 page","url":"https://www.suse.com/security/cve/CVE-2017-18204/"},{"category":"self","summary":"SUSE CVE CVE-2017-18208 page","url":"https://www.suse.com/security/cve/CVE-2017-18208/"},{"category":"self","summary":"SUSE CVE CVE-2017-18221 page","url":"https://www.suse.com/security/cve/CVE-2017-18221/"},{"category":"self","summary":"SUSE CVE CVE-2018-1066 page","url":"https://www.suse.com/security/cve/CVE-2018-1066/"},{"category":"self","summary":"SUSE CVE CVE-2018-1068 page","url":"https://www.suse.com/security/cve/CVE-2018-1068/"},{"category":"self","summary":"SUSE CVE CVE-2018-5332 page","url":"https://www.suse.com/security/cve/CVE-2018-5332/"},{"category":"self","summary":"SUSE CVE CVE-2018-5333 page","url":"https://www.suse.com/security/cve/CVE-2018-5333/"},{"category":"self","summary":"SUSE CVE CVE-2018-6927 page","url":"https://www.suse.com/security/cve/CVE-2018-6927/"},{"category":"self","summary":"SUSE CVE CVE-2018-7566 page","url":"https://www.suse.com/security/cve/CVE-2018-7566/"}],"title":"Security update for the Linux Kernel","tracking":{"current_release_date":"2018-03-28T14:17:49Z","generator":{"date":"2018-03-28T14:17:49Z","engine":{"name":"cve-database.git:bin/generate-csaf.pl","version":"1"}},"id":"SUSE-SU-2018:0834-1","initial_release_date":"2018-03-28T14:17:49Z","revision_history":[{"date":"2018-03-28T14:17:49Z","number":"1","summary":"Current version"}],"status":"final","version":"1"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_version","name":"kernel-devel-3.12.61-52.125.1.noarch","product":{"name":"kernel-devel-3.12.61-52.125.1.noarch","product_id":"kernel-devel-3.12.61-52.125.1.noarch"}},{"category":"product_version","name":"kernel-macros-3.12.61-52.125.1.noarch","product":{"name":"kernel-macros-3.12.61-52.125.1.noarch","product_id":"kernel-macros-3.12.61-52.125.1.noarch"}},{"category":"product_version","name":"kernel-source-3.12.61-52.125.1.noarch","product":{"name":"kernel-source-3.12.61-52.125.1.noarch","product_id":"kernel-source-3.12.61-52.125.1.noarch"}}],"category":"architecture","name":"noarch"},{"branches":[{"category":"product_version","name":"kernel-default-3.12.61-52.125.1.ppc64le","product":{"name":"kernel-default-3.12.61-52.125.1.ppc64le","product_id":"kernel-default-3.12.61-52.125.1.ppc64le"}},{"category":"product_version","name":"kernel-default-base-3.12.61-52.125.1.ppc64le","product":{"name":"kernel-default-base-3.12.61-52.125.1.ppc64le","product_id":"kernel-default-base-3.12.61-52.125.1.ppc64le"}},{"category":"product_version","name":"kernel-default-devel-3.12.61-52.125.1.ppc64le","product":{"name":"kernel-default-devel-3.12.61-52.125.1.ppc64le","product_id":"kernel-default-devel-3.12.61-52.125.1.ppc64le"}},{"category":"product_version","name":"kernel-syms-3.12.61-52.125.1.ppc64le","product":{"name":"kernel-syms-3.12.61-52.125.1.ppc64le","product_id":"kernel-syms-3.12.61-52.125.1.ppc64le"}}],"category":"architecture","name":"ppc64le"},{"branches":[{"category":"product_version","name":"kernel-default-3.12.61-52.125.1.s390x","product":{"name":"kernel-default-3.12.61-52.125.1.s390x","product_id":"kernel-default-3.12.61-52.125.1.s390x"}},{"category":"product_version","name":"kernel-default-base-3.12.61-52.125.1.s390x","product":{"name":"kernel-default-base-3.12.61-52.125.1.s390x","product_id":"kernel-default-base-3.12.61-52.125.1.s390x"}},{"category":"product_version","name":"kernel-default-devel-3.12.61-52.125.1.s390x","product":{"name":"kernel-default-devel-3.12.61-52.125.1.s390x","product_id":"kernel-default-devel-3.12.61-52.125.1.s390x"}},{"category":"product_version","name":"kernel-default-man-3.12.61-52.125.1.s390x","product":{"name":"kernel-default-man-3.12.61-52.125.1.s390x","product_id":"kernel-default-man-3.12.61-52.125.1.s390x"}},{"category":"product_version","name":"kernel-syms-3.12.61-52.125.1.s390x","product":{"name":"kernel-syms-3.12.61-52.125.1.s390x","product_id":"kernel-syms-3.12.61-52.125.1.s390x"}}],"category":"architecture","name":"s390x"},{"branches":[{"category":"product_version","name":"kernel-ec2-3.12.61-52.125.1.x86_64","product":{"name":"kernel-ec2-3.12.61-52.125.1.x86_64","product_id":"kernel-ec2-3.12.61-52.125.1.x86_64"}},{"category":"product_version","name":"kernel-ec2-devel-3.12.61-52.125.1.x86_64","product":{"name":"kernel-ec2-devel-3.12.61-52.125.1.x86_64","product_id":"kernel-ec2-devel-3.12.61-52.125.1.x86_64"}},{"category":"product_version","name":"kernel-ec2-extra-3.12.61-52.125.1.x86_64","product":{"name":"kernel-ec2-extra-3.12.61-52.125.1.x86_64","product_id":"kernel-ec2-extra-3.12.61-52.125.1.x86_64"}},{"category":"product_version","name":"kernel-default-3.12.61-52.125.1.x86_64","product":{"name":"kernel-default-3.12.61-52.125.1.x86_64","product_id":"kernel-default-3.12.61-52.125.1.x86_64"}},{"category":"product_version","name":"kernel-default-base-3.12.61-52.125.1.x86_64","product":{"name":"kernel-default-base-3.12.61-52.125.1.x86_64","product_id":"kernel-default-base-3.12.61-52.125.1.x86_64"}},{"category":"product_version","name":"kernel-default-devel-3.12.61-52.125.1.x86_64","product":{"name":"kernel-default-devel-3.12.61-52.125.1.x86_64","product_id":"kernel-default-devel-3.12.61-52.125.1.x86_64"}},{"category":"product_version","name":"kernel-syms-3.12.61-52.125.1.x86_64","product":{"name":"kernel-syms-3.12.61-52.125.1.x86_64","product_id":"kernel-syms-3.12.61-52.125.1.x86_64"}},{"category":"product_version","name":"kernel-xen-3.12.61-52.125.1.x86_64","product":{"name":"kernel-xen-3.12.61-52.125.1.x86_64","product_id":"kernel-xen-3.12.61-52.125.1.x86_64"}},{"category":"product_version","name":"kernel-xen-base-3.12.61-52.125.1.x86_64","product":{"name":"kernel-xen-base-3.12.61-52.125.1.x86_64","product_id":"kernel-xen-base-3.12.61-52.125.1.x86_64"}},{"category":"product_version","name":"kernel-xen-devel-3.12.61-52.125.1.x86_64","product":{"name":"kernel-xen-devel-3.12.61-52.125.1.x86_64","product_id":"kernel-xen-devel-3.12.61-52.125.1.x86_64"}},{"category":"product_version","name":"kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","product":{"name":"kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","product_id":"kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64"}},{"category":"product_version","name":"kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64","product":{"name":"kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64","product_id":"kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"}}],"category":"architecture","name":"x86_64"},{"branches":[{"category":"product_name","name":"SUSE Linux Enterprise Module for Public Cloud 12","product":{"name":"SUSE Linux Enterprise Module for Public Cloud 12","product_id":"SUSE Linux Enterprise Module for Public Cloud 12","product_identification_helper":{"cpe":"cpe:/o:suse:sle-module-public-cloud:12"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 12-LTSS","product":{"name":"SUSE Linux Enterprise Server 12-LTSS","product_id":"SUSE Linux Enterprise Server 12-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sles-ltss:12"}}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"kernel-ec2-3.12.61-52.125.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12","product_id":"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64"},"product_reference":"kernel-ec2-3.12.61-52.125.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Module for Public Cloud 12"},{"category":"default_component_of","full_product_name":{"name":"kernel-ec2-devel-3.12.61-52.125.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12","product_id":"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64"},"product_reference":"kernel-ec2-devel-3.12.61-52.125.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Module for Public Cloud 12"},{"category":"default_component_of","full_product_name":{"name":"kernel-ec2-extra-3.12.61-52.125.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12","product_id":"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64"},"product_reference":"kernel-ec2-extra-3.12.61-52.125.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Module for Public Cloud 12"},{"category":"default_component_of","full_product_name":{"name":"kernel-default-3.12.61-52.125.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS","product_id":"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le"},"product_reference":"kernel-default-3.12.61-52.125.1.ppc64le","relates_to_product_reference":"SUSE Linux Enterprise Server 12-LTSS"},{"category":"default_component_of","full_product_name":{"name":"kernel-default-3.12.61-52.125.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS","product_id":"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x"},"product_reference":"kernel-default-3.12.61-52.125.1.s390x","relates_to_product_reference":"SUSE Linux Enterprise Server 12-LTSS"},{"category":"default_component_of","full_product_name":{"name":"kernel-default-3.12.61-52.125.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS","product_id":"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64"},"product_reference":"kernel-default-3.12.61-52.125.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server 12-LTSS"},{"category":"default_component_of","full_product_name":{"name":"kernel-default-base-3.12.61-52.125.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS","product_id":"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le"},"product_reference":"kernel-default-base-3.12.61-52.125.1.ppc64le","relates_to_product_reference":"SUSE Linux Enterprise Server 12-LTSS"},{"category":"default_component_of","full_product_name":{"name":"kernel-default-base-3.12.61-52.125.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS","product_id":"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x"},"product_reference":"kernel-default-base-3.12.61-52.125.1.s390x","relates_to_product_reference":"SUSE Linux Enterprise Server 12-LTSS"},{"category":"default_component_of","full_product_name":{"name":"kernel-default-base-3.12.61-52.125.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS","product_id":"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64"},"product_reference":"kernel-default-base-3.12.61-52.125.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server 12-LTSS"},{"category":"default_component_of","full_product_name":{"name":"kernel-default-devel-3.12.61-52.125.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS","product_id":"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le"},"product_reference":"kernel-default-devel-3.12.61-52.125.1.ppc64le","relates_to_product_reference":"SUSE Linux Enterprise Server 12-LTSS"},{"category":"default_component_of","full_product_name":{"name":"kernel-default-devel-3.12.61-52.125.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS","product_id":"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x"},"product_reference":"kernel-default-devel-3.12.61-52.125.1.s390x","relates_to_product_reference":"SUSE Linux Enterprise Server 12-LTSS"},{"category":"default_component_of","full_product_name":{"name":"kernel-default-devel-3.12.61-52.125.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS","product_id":"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64"},"product_reference":"kernel-default-devel-3.12.61-52.125.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server 12-LTSS"},{"category":"default_component_of","full_product_name":{"name":"kernel-default-man-3.12.61-52.125.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS","product_id":"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x"},"product_reference":"kernel-default-man-3.12.61-52.125.1.s390x","relates_to_product_reference":"SUSE Linux Enterprise Server 12-LTSS"},{"category":"default_component_of","full_product_name":{"name":"kernel-devel-3.12.61-52.125.1.noarch as component of SUSE Linux Enterprise Server 12-LTSS","product_id":"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch"},"product_reference":"kernel-devel-3.12.61-52.125.1.noarch","relates_to_product_reference":"SUSE Linux Enterprise Server 12-LTSS"},{"category":"default_component_of","full_product_name":{"name":"kernel-macros-3.12.61-52.125.1.noarch as component of SUSE Linux Enterprise Server 12-LTSS","product_id":"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch"},"product_reference":"kernel-macros-3.12.61-52.125.1.noarch","relates_to_product_reference":"SUSE Linux Enterprise Server 12-LTSS"},{"category":"default_component_of","full_product_name":{"name":"kernel-source-3.12.61-52.125.1.noarch as component of SUSE Linux Enterprise Server 12-LTSS","product_id":"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch"},"product_reference":"kernel-source-3.12.61-52.125.1.noarch","relates_to_product_reference":"SUSE Linux Enterprise Server 12-LTSS"},{"category":"default_component_of","full_product_name":{"name":"kernel-syms-3.12.61-52.125.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS","product_id":"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le"},"product_reference":"kernel-syms-3.12.61-52.125.1.ppc64le","relates_to_product_reference":"SUSE Linux Enterprise Server 12-LTSS"},{"category":"default_component_of","full_product_name":{"name":"kernel-syms-3.12.61-52.125.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS","product_id":"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x"},"product_reference":"kernel-syms-3.12.61-52.125.1.s390x","relates_to_product_reference":"SUSE Linux Enterprise Server 12-LTSS"},{"category":"default_component_of","full_product_name":{"name":"kernel-syms-3.12.61-52.125.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS","product_id":"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64"},"product_reference":"kernel-syms-3.12.61-52.125.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server 12-LTSS"},{"category":"default_component_of","full_product_name":{"name":"kernel-xen-3.12.61-52.125.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS","product_id":"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64"},"product_reference":"kernel-xen-3.12.61-52.125.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server 12-LTSS"},{"category":"default_component_of","full_product_name":{"name":"kernel-xen-base-3.12.61-52.125.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS","product_id":"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64"},"product_reference":"kernel-xen-base-3.12.61-52.125.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server 12-LTSS"},{"category":"default_component_of","full_product_name":{"name":"kernel-xen-devel-3.12.61-52.125.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS","product_id":"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64"},"product_reference":"kernel-xen-devel-3.12.61-52.125.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server 12-LTSS"},{"category":"default_component_of","full_product_name":{"name":"kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS","product_id":"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64"},"product_reference":"kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server 12-LTSS"},{"category":"default_component_of","full_product_name":{"name":"kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS","product_id":"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"},"product_reference":"kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server 12-LTSS"}]},"vulnerabilities":[{"cve":"CVE-2016-7915","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2016-7915"}],"notes":[{"category":"general","text":"The hid_input_field function in drivers/hid/hid-core.c in the Linux kernel before 4.6 allows physically proximate attackers to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read) by connecting a device, as demonstrated by a Logitech DJ receiver.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2016-7915","url":"https://www.suse.com/security/cve/CVE-2016-7915"},{"category":"external","summary":"SUSE Bug 1010470 for CVE-2016-7915","url":"https://bugzilla.suse.com/1010470"},{"category":"external","summary":"SUSE Bug 1091815 for CVE-2016-7915","url":"https://bugzilla.suse.com/1091815"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":5.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","version":"3.0"},"products":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-03-28T14:17:49Z","details":"moderate"}],"title":"CVE-2016-7915"},{"cve":"CVE-2017-12190","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-12190"}],"notes":[{"category":"general","text":"The bio_map_user_iov and bio_unmap_user functions in block/bio.c in the Linux kernel before 4.13.8 do unbalanced refcounting when a SCSI I/O vector has small consecutive buffers belonging to the same page. The bio_add_pc_page function merges them into one, but the page reference is never dropped. This causes a memory leak and possible system lockup (exploitable against the host OS by a guest OS user, if a SCSI disk is passed through to a virtual machine) due to an out-of-memory condition.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2017-12190","url":"https://www.suse.com/security/cve/CVE-2017-12190"},{"category":"external","summary":"SUSE Bug 1062568 for CVE-2017-12190","url":"https://bugzilla.suse.com/1062568"},{"category":"external","summary":"SUSE Bug 1091815 for CVE-2017-12190","url":"https://bugzilla.suse.com/1091815"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.2,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H","version":"3.0"},"products":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-03-28T14:17:49Z","details":"moderate"}],"title":"CVE-2017-12190"},{"cve":"CVE-2017-13166","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-13166"}],"notes":[{"category":"general","text":"An elevation of privilege vulnerability in the kernel v4l2 video driver. Product: Android. Versions: Android kernel. Android ID A-34624167.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2017-13166","url":"https://www.suse.com/security/cve/CVE-2017-13166"},{"category":"external","summary":"SUSE Bug 1072865 for CVE-2017-13166","url":"https://bugzilla.suse.com/1072865"},{"category":"external","summary":"SUSE Bug 1074488 for CVE-2017-13166","url":"https://bugzilla.suse.com/1074488"},{"category":"external","summary":"SUSE Bug 1085447 for CVE-2017-13166","url":"https://bugzilla.suse.com/1085447"},{"category":"external","summary":"SUSE Bug 1087082 for CVE-2017-13166","url":"https://bugzilla.suse.com/1087082"},{"category":"external","summary":"SUSE Bug 1091815 for CVE-2017-13166","url":"https://bugzilla.suse.com/1091815"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","version":"3.0"},"products":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-03-28T14:17:49Z","details":"moderate"}],"title":"CVE-2017-13166"},{"cve":"CVE-2017-15299","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-15299"}],"notes":[{"category":"general","text":"The KEYS subsystem in the Linux kernel through 4.13.7 mishandles use of add_key for a key that already exists but is uninstantiated, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted system call.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2017-15299","url":"https://www.suse.com/security/cve/CVE-2017-15299"},{"category":"external","summary":"SUSE Bug 1063416 for CVE-2017-15299","url":"https://bugzilla.suse.com/1063416"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.2,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.0"},"products":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-03-28T14:17:49Z","details":"moderate"}],"title":"CVE-2017-15299"},{"cve":"CVE-2017-16644","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-16644"}],"notes":[{"category":"general","text":"The hdpvr_probe function in drivers/media/usb/hdpvr/hdpvr-core.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (improper error handling and system crash) or possibly have unspecified other impact via a crafted USB device.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2017-16644","url":"https://www.suse.com/security/cve/CVE-2017-16644"},{"category":"external","summary":"SUSE Bug 1067118 for CVE-2017-16644","url":"https://bugzilla.suse.com/1067118"},{"category":"external","summary":"SUSE Bug 1087082 for CVE-2017-16644","url":"https://bugzilla.suse.com/1087082"},{"category":"external","summary":"SUSE Bug 1091815 for CVE-2017-16644","url":"https://bugzilla.suse.com/1091815"},{"category":"external","summary":"SUSE Bug 1146519 for CVE-2017-16644","url":"https://bugzilla.suse.com/1146519"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":4.6,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.0"},"products":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-03-28T14:17:49Z","details":"moderate"}],"title":"CVE-2017-16644"},{"cve":"CVE-2017-16911","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-16911"}],"notes":[{"category":"general","text":"The vhci_hcd driver in the Linux Kernel before version 4.14.8 and 4.4.114 allows allows local attackers to disclose kernel memory addresses. Successful exploitation requires that a USB device is attached over IP.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2017-16911","url":"https://www.suse.com/security/cve/CVE-2017-16911"},{"category":"external","summary":"SUSE Bug 1078674 for CVE-2017-16911","url":"https://bugzilla.suse.com/1078674"},{"category":"external","summary":"SUSE Bug 1087082 for CVE-2017-16911","url":"https://bugzilla.suse.com/1087082"},{"category":"external","summary":"SUSE Bug 1091815 for CVE-2017-16911","url":"https://bugzilla.suse.com/1091815"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":4,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","version":"3.0"},"products":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-03-28T14:17:49Z","details":"low"}],"title":"CVE-2017-16911"},{"cve":"CVE-2017-16912","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-16912"}],"notes":[{"category":"general","text":"The \"get_pipe()\" function (drivers/usb/usbip/stub_rx.c) in the Linux Kernel before version 4.14.8, 4.9.71, and 4.4.114 allows attackers to cause a denial of service (out-of-bounds read) via a specially crafted USB over IP packet.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2017-16912","url":"https://www.suse.com/security/cve/CVE-2017-16912"},{"category":"external","summary":"SUSE Bug 1078673 for CVE-2017-16912","url":"https://bugzilla.suse.com/1078673"},{"category":"external","summary":"SUSE Bug 1087082 for CVE-2017-16912","url":"https://bugzilla.suse.com/1087082"},{"category":"external","summary":"SUSE Bug 1091815 for CVE-2017-16912","url":"https://bugzilla.suse.com/1091815"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.2,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.0"},"products":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-03-28T14:17:49Z","details":"moderate"}],"title":"CVE-2017-16912"},{"cve":"CVE-2017-16913","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-16913"}],"notes":[{"category":"general","text":"The \"stub_recv_cmd_submit()\" function (drivers/usb/usbip/stub_rx.c) in the Linux Kernel before version 4.14.8, 4.9.71, and 4.4.114 when handling CMD_SUBMIT packets allows attackers to cause a denial of service (arbitrary memory allocation) via a specially crafted USB over IP packet.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2017-16913","url":"https://www.suse.com/security/cve/CVE-2017-16913"},{"category":"external","summary":"SUSE Bug 1078672 for CVE-2017-16913","url":"https://bugzilla.suse.com/1078672"},{"category":"external","summary":"SUSE Bug 1087082 for CVE-2017-16913","url":"https://bugzilla.suse.com/1087082"},{"category":"external","summary":"SUSE Bug 1091815 for CVE-2017-16913","url":"https://bugzilla.suse.com/1091815"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.2,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.0"},"products":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-03-28T14:17:49Z","details":"moderate"}],"title":"CVE-2017-16913"},{"cve":"CVE-2017-16914","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-16914"}],"notes":[{"category":"general","text":"The \"stub_send_ret_submit()\" function (drivers/usb/usbip/stub_tx.c) in the Linux Kernel before version 4.14.8, 4.9.71, 4.1.49, and 4.4.107 allows attackers to cause a denial of service (NULL pointer dereference) via a specially crafted USB over IP packet.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2017-16914","url":"https://www.suse.com/security/cve/CVE-2017-16914"},{"category":"external","summary":"SUSE Bug 1078669 for CVE-2017-16914","url":"https://bugzilla.suse.com/1078669"},{"category":"external","summary":"SUSE Bug 1087082 for CVE-2017-16914","url":"https://bugzilla.suse.com/1087082"},{"category":"external","summary":"SUSE Bug 1091815 for CVE-2017-16914","url":"https://bugzilla.suse.com/1091815"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":3.3,"baseSeverity":"LOW","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","version":"3.0"},"products":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-03-28T14:17:49Z","details":"low"}],"title":"CVE-2017-16914"},{"cve":"CVE-2017-18017","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-18017"}],"notes":[{"category":"general","text":"The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2017-18017","url":"https://www.suse.com/security/cve/CVE-2017-18017"},{"category":"external","summary":"SUSE Bug 1074488 for CVE-2017-18017","url":"https://bugzilla.suse.com/1074488"},{"category":"external","summary":"SUSE Bug 1080255 for CVE-2017-18017","url":"https://bugzilla.suse.com/1080255"},{"category":"external","summary":"SUSE Bug 1091815 for CVE-2017-18017","url":"https://bugzilla.suse.com/1091815"},{"category":"external","summary":"SUSE Bug 1115893 for CVE-2017-18017","url":"https://bugzilla.suse.com/1115893"},{"category":"external","summary":"SUSE Bug 971126 for CVE-2017-18017","url":"https://bugzilla.suse.com/971126"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":5.4,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L","version":"3.0"},"products":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-03-28T14:17:49Z","details":"moderate"}],"title":"CVE-2017-18017"},{"cve":"CVE-2017-18204","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-18204"}],"notes":[{"category":"general","text":"The ocfs2_setattr function in fs/ocfs2/file.c in the Linux kernel before 4.14.2 allows local users to cause a denial of service (deadlock) via DIO requests.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2017-18204","url":"https://www.suse.com/security/cve/CVE-2017-18204"},{"category":"external","summary":"SUSE Bug 1083244 for CVE-2017-18204","url":"https://bugzilla.suse.com/1083244"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":3.3,"baseSeverity":"LOW","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","version":"3.0"},"products":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-03-28T14:17:49Z","details":"moderate"}],"title":"CVE-2017-18204"},{"cve":"CVE-2017-18208","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-18208"}],"notes":[{"category":"general","text":"The madvise_willneed function in mm/madvise.c in the Linux kernel before 4.14.4 allows local users to cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED for a DAX mapping.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2017-18208","url":"https://www.suse.com/security/cve/CVE-2017-18208"},{"category":"external","summary":"SUSE Bug 1083494 for CVE-2017-18208","url":"https://bugzilla.suse.com/1083494"},{"category":"external","summary":"SUSE Bug 1087082 for CVE-2017-18208","url":"https://bugzilla.suse.com/1087082"},{"category":"external","summary":"SUSE Bug 1091815 for CVE-2017-18208","url":"https://bugzilla.suse.com/1091815"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.2,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.0"},"products":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-03-28T14:17:49Z","details":"moderate"}],"title":"CVE-2017-18208"},{"cve":"CVE-2017-18221","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-18221"}],"notes":[{"category":"general","text":"The __munlock_pagevec function in mm/mlock.c in the Linux kernel before 4.11.4 allows local users to cause a denial of service (NR_MLOCK accounting corruption) via crafted use of mlockall and munlockall system calls.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2017-18221","url":"https://www.suse.com/security/cve/CVE-2017-18221"},{"category":"external","summary":"SUSE Bug 1084323 for CVE-2017-18221","url":"https://bugzilla.suse.com/1084323"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.2,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.0"},"products":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-03-28T14:17:49Z","details":"moderate"}],"title":"CVE-2017-18221"},{"cve":"CVE-2018-1066","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-1066"}],"notes":[{"category":"general","text":"The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() that allows an attacker controlling a CIFS server to kernel panic a client that has this server mounted, because an empty TargetInfo field in an NTLMSSP setup negotiation response is mishandled during session recovery.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-1066","url":"https://www.suse.com/security/cve/CVE-2018-1066"},{"category":"external","summary":"SUSE Bug 1083640 for CVE-2018-1066","url":"https://bugzilla.suse.com/1083640"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","version":"3.0"},"products":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-03-28T14:17:49Z","details":"moderate"}],"title":"CVE-2018-1066"},{"cve":"CVE-2018-1068","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-1068"}],"notes":[{"category":"general","text":"A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-1068","url":"https://www.suse.com/security/cve/CVE-2018-1068"},{"category":"external","summary":"SUSE Bug 1085107 for CVE-2018-1068","url":"https://bugzilla.suse.com/1085107"},{"category":"external","summary":"SUSE Bug 1085114 for CVE-2018-1068","url":"https://bugzilla.suse.com/1085114"},{"category":"external","summary":"SUSE Bug 1087082 for CVE-2018-1068","url":"https://bugzilla.suse.com/1087082"},{"category":"external","summary":"SUSE Bug 1123903 for CVE-2018-1068","url":"https://bugzilla.suse.com/1123903"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.4,"baseSeverity":"HIGH","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","version":"3.0"},"products":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-03-28T14:17:49Z","details":"important"}],"title":"CVE-2018-1068"},{"cve":"CVE-2018-5332","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-5332"}],"notes":[{"category":"general","text":"In the Linux kernel through 3.2, the rds_message_alloc_sgs() function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c).","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-5332","url":"https://www.suse.com/security/cve/CVE-2018-5332"},{"category":"external","summary":"SUSE Bug 1075621 for CVE-2018-5332","url":"https://bugzilla.suse.com/1075621"},{"category":"external","summary":"SUSE Bug 1091815 for CVE-2018-5332","url":"https://bugzilla.suse.com/1091815"},{"category":"external","summary":"SUSE Bug 1115893 for CVE-2018-5332","url":"https://bugzilla.suse.com/1115893"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":3.6,"baseSeverity":"LOW","vectorString":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L","version":"3.0"},"products":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-03-28T14:17:49Z","details":"low"}],"title":"CVE-2018-5332"},{"cve":"CVE-2018-5333","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-5333"}],"notes":[{"category":"general","text":"In the Linux kernel through 4.14.13, the rds_cmsg_atomic function in net/rds/rdma.c mishandles cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-5333","url":"https://www.suse.com/security/cve/CVE-2018-5333"},{"category":"external","summary":"SUSE Bug 1075617 for CVE-2018-5333","url":"https://bugzilla.suse.com/1075617"},{"category":"external","summary":"SUSE Bug 1091815 for CVE-2018-5333","url":"https://bugzilla.suse.com/1091815"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":2.9,"baseSeverity":"LOW","vectorString":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","version":"3.0"},"products":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-03-28T14:17:49Z","details":"low"}],"title":"CVE-2018-5333"},{"cve":"CVE-2018-6927","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6927"}],"notes":[{"category":"general","text":"The futex_requeue function in kernel/futex.c in the Linux kernel before 4.14.15 might allow attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact by triggering a negative wake or requeue value.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6927","url":"https://www.suse.com/security/cve/CVE-2018-6927"},{"category":"external","summary":"SUSE Bug 1080757 for CVE-2018-6927","url":"https://bugzilla.suse.com/1080757"},{"category":"external","summary":"SUSE Bug 1091815 for CVE-2018-6927","url":"https://bugzilla.suse.com/1091815"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":5.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","version":"3.0"},"products":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-03-28T14:17:49Z","details":"moderate"}],"title":"CVE-2018-6927"},{"cve":"CVE-2018-7566","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-7566"}],"notes":[{"category":"general","text":"The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-7566","url":"https://www.suse.com/security/cve/CVE-2018-7566"},{"category":"external","summary":"SUSE Bug 1083483 for CVE-2018-7566","url":"https://bugzilla.suse.com/1083483"},{"category":"external","summary":"SUSE Bug 1083488 for CVE-2018-7566","url":"https://bugzilla.suse.com/1083488"},{"category":"external","summary":"SUSE Bug 1087082 for CVE-2018-7566","url":"https://bugzilla.suse.com/1087082"},{"category":"external","summary":"SUSE Bug 1091815 for CVE-2018-7566","url":"https://bugzilla.suse.com/1091815"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.3,"baseSeverity":"HIGH","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H","version":"3.0"},"products":["SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x","SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64","SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-03-28T14:17:49Z","details":"moderate"}],"title":"CVE-2018-7566"}]}