{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"important"},"category":"csaf_security_advisory","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"Security update for the Linux Kernel","title":"Title of the patch"},{"category":"description","text":"\nThe SUSE Linux Enterprise 12 SP3 LTSS kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2020-15393: CVE-2020-15393: Fixed a memory leak in usbtest_disconnect (bnc#1173514).\n- CVE-2020-36557: Fixed race condition between the VT_DISALLOCATE ioctl and closing/opening of ttys that could lead to a use-after-free (bnc#1201429).\n- CVE-2020-36558: Fixed race condition involving VT_RESIZEX that could lead to a NULL pointer dereference and general protection fault (bnc#1200910).\n- CVE-2021-33655: Fixed out of bounds write with ioctl FBIOPUT_VSCREENINFO (bnc#1201635).\n- CVE-2021-33656: Fixed out of bounds write with ioctl PIO_FONT (bnc#1201636).\n- CVE-2021-39713: Fixed a race condition in the network scheduling subsystem which could lead to a use-after-free. (bnc#1196973)\n- CVE-2022-1462: Fixed an out-of-bounds read flaw in the TeleTYpe subsystem (bnc#1198829).\n- CVE-2022-20166: Fixed possible out of bounds write due to sprintf unsafety that could cause local escalation of privilege (bnc#1200598).\n- CVE-2022-2318: Fixed a use-after-free vulnerabilities in the timer handler in net/rose/rose_timer.c that allow attackers to crash the system without any privileges (bsc#1201251).\n- CVE-2022-26365, CVE-2022-33740, CVE-2022-33741, CVE-2022-33742: Fixed multiple potential data leaks with Block and Network devices when using untrusted backends (bsc#1200762).\n- CVE-2022-36946: Fixed incorrect packet truncation in nfqnl_mangle() that could lead to remote DoS (bnc#1201940).\n\nThe following non-security bugs were fixed:\n\n- kvm: emulate: do not adjust size of fastop and setcc subroutines (bsc#1201930).\n- kvm: emulate: Fix SETcc emulation function offsets with SLS (bsc#1201930).\n","title":"Description of the patch"},{"category":"details","text":"SUSE-2022-2840,SUSE-SLE-SERVER-12-SP3-BCL-2022-2840","title":"Patchnames"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"SUSE ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"self","summary":"URL of this CSAF notice","url":"https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_2840-1.json"},{"category":"self","summary":"URL for SUSE-SU-2022:2840-1","url":"https://www.suse.com/support/update/announcement/2022/suse-su-20222840-1/"},{"category":"self","summary":"E-Mail link for SUSE-SU-2022:2840-1","url":"https://lists.suse.com/pipermail/sle-security-updates/2022-August/011942.html"},{"category":"self","summary":"SUSE Bug 1173514","url":"https://bugzilla.suse.com/1173514"},{"category":"self","summary":"SUSE Bug 1196973","url":"https://bugzilla.suse.com/1196973"},{"category":"self","summary":"SUSE Bug 1198829","url":"https://bugzilla.suse.com/1198829"},{"category":"self","summary":"SUSE Bug 1200598","url":"https://bugzilla.suse.com/1200598"},{"category":"self","summary":"SUSE Bug 1200762","url":"https://bugzilla.suse.com/1200762"},{"category":"self","summary":"SUSE Bug 1200910","url":"https://bugzilla.suse.com/1200910"},{"category":"self","summary":"SUSE Bug 1201251","url":"https://bugzilla.suse.com/1201251"},{"category":"self","summary":"SUSE Bug 1201429","url":"https://bugzilla.suse.com/1201429"},{"category":"self","summary":"SUSE Bug 1201635","url":"https://bugzilla.suse.com/1201635"},{"category":"self","summary":"SUSE Bug 1201636","url":"https://bugzilla.suse.com/1201636"},{"category":"self","summary":"SUSE Bug 1201930","url":"https://bugzilla.suse.com/1201930"},{"category":"self","summary":"SUSE Bug 1201940","url":"https://bugzilla.suse.com/1201940"},{"category":"self","summary":"SUSE CVE CVE-2020-15393 page","url":"https://www.suse.com/security/cve/CVE-2020-15393/"},{"category":"self","summary":"SUSE CVE CVE-2020-36557 page","url":"https://www.suse.com/security/cve/CVE-2020-36557/"},{"category":"self","summary":"SUSE CVE CVE-2020-36558 page","url":"https://www.suse.com/security/cve/CVE-2020-36558/"},{"category":"self","summary":"SUSE CVE CVE-2021-33655 page","url":"https://www.suse.com/security/cve/CVE-2021-33655/"},{"category":"self","summary":"SUSE CVE CVE-2021-33656 page","url":"https://www.suse.com/security/cve/CVE-2021-33656/"},{"category":"self","summary":"SUSE CVE CVE-2021-39713 page","url":"https://www.suse.com/security/cve/CVE-2021-39713/"},{"category":"self","summary":"SUSE CVE CVE-2022-1462 page","url":"https://www.suse.com/security/cve/CVE-2022-1462/"},{"category":"self","summary":"SUSE CVE CVE-2022-20166 page","url":"https://www.suse.com/security/cve/CVE-2022-20166/"},{"category":"self","summary":"SUSE CVE CVE-2022-2318 page","url":"https://www.suse.com/security/cve/CVE-2022-2318/"},{"category":"self","summary":"SUSE CVE CVE-2022-26365 page","url":"https://www.suse.com/security/cve/CVE-2022-26365/"},{"category":"self","summary":"SUSE CVE CVE-2022-33740 page","url":"https://www.suse.com/security/cve/CVE-2022-33740/"},{"category":"self","summary":"SUSE CVE CVE-2022-33741 page","url":"https://www.suse.com/security/cve/CVE-2022-33741/"},{"category":"self","summary":"SUSE CVE CVE-2022-33742 page","url":"https://www.suse.com/security/cve/CVE-2022-33742/"},{"category":"self","summary":"SUSE CVE CVE-2022-36946 page","url":"https://www.suse.com/security/cve/CVE-2022-36946/"}],"title":"Security update for the Linux Kernel","tracking":{"current_release_date":"2022-08-18T07:51:29Z","generator":{"date":"2022-08-18T07:51:29Z","engine":{"name":"cve-database.git:bin/generate-csaf.pl","version":"1"}},"id":"SUSE-SU-2022:2840-1","initial_release_date":"2022-08-18T07:51:29Z","revision_history":[{"date":"2022-08-18T07:51:29Z","number":"1","summary":"Current version"}],"status":"final","version":"1"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_version","name":"cluster-md-kmp-default-4.4.180-94.171.1.aarch64","product":{"name":"cluster-md-kmp-default-4.4.180-94.171.1.aarch64","product_id":"cluster-md-kmp-default-4.4.180-94.171.1.aarch64"}},{"category":"product_version","name":"dlm-kmp-default-4.4.180-94.171.1.aarch64","product":{"name":"dlm-kmp-default-4.4.180-94.171.1.aarch64","product_id":"dlm-kmp-default-4.4.180-94.171.1.aarch64"}},{"category":"product_version","name":"gfs2-kmp-default-4.4.180-94.171.1.aarch64","product":{"name":"gfs2-kmp-default-4.4.180-94.171.1.aarch64","product_id":"gfs2-kmp-default-4.4.180-94.171.1.aarch64"}},{"category":"product_version","name":"kernel-default-4.4.180-94.171.1.aarch64","product":{"name":"kernel-default-4.4.180-94.171.1.aarch64","product_id":"kernel-default-4.4.180-94.171.1.aarch64"}},{"category":"product_version","name":"kernel-default-base-4.4.180-94.171.1.aarch64","product":{"name":"kernel-default-base-4.4.180-94.171.1.aarch64","product_id":"kernel-default-base-4.4.180-94.171.1.aarch64"}},{"category":"product_version","name":"kernel-default-devel-4.4.180-94.171.1.aarch64","product":{"name":"kernel-default-devel-4.4.180-94.171.1.aarch64","product_id":"kernel-default-devel-4.4.180-94.171.1.aarch64"}},{"category":"product_version","name":"kernel-default-extra-4.4.180-94.171.1.aarch64","product":{"name":"kernel-default-extra-4.4.180-94.171.1.aarch64","product_id":"kernel-default-extra-4.4.180-94.171.1.aarch64"}},{"category":"product_version","name":"kernel-default-kgraft-4.4.180-94.171.1.aarch64","product":{"name":"kernel-default-kgraft-4.4.180-94.171.1.aarch64","product_id":"kernel-default-kgraft-4.4.180-94.171.1.aarch64"}},{"category":"product_version","name":"kernel-obs-build-4.4.180-94.171.1.aarch64","product":{"name":"kernel-obs-build-4.4.180-94.171.1.aarch64","product_id":"kernel-obs-build-4.4.180-94.171.1.aarch64"}},{"category":"product_version","name":"kernel-obs-qa-4.4.180-94.171.1.aarch64","product":{"name":"kernel-obs-qa-4.4.180-94.171.1.aarch64","product_id":"kernel-obs-qa-4.4.180-94.171.1.aarch64"}},{"category":"product_version","name":"kernel-syms-4.4.180-94.171.1.aarch64","product":{"name":"kernel-syms-4.4.180-94.171.1.aarch64","product_id":"kernel-syms-4.4.180-94.171.1.aarch64"}},{"category":"product_version","name":"kernel-vanilla-4.4.180-94.171.1.aarch64","product":{"name":"kernel-vanilla-4.4.180-94.171.1.aarch64","product_id":"kernel-vanilla-4.4.180-94.171.1.aarch64"}},{"category":"product_version","name":"kernel-vanilla-base-4.4.180-94.171.1.aarch64","product":{"name":"kernel-vanilla-base-4.4.180-94.171.1.aarch64","product_id":"kernel-vanilla-base-4.4.180-94.171.1.aarch64"}},{"category":"product_version","name":"kernel-vanilla-devel-4.4.180-94.171.1.aarch64","product":{"name":"kernel-vanilla-devel-4.4.180-94.171.1.aarch64","product_id":"kernel-vanilla-devel-4.4.180-94.171.1.aarch64"}},{"category":"product_version","name":"kselftests-kmp-default-4.4.180-94.171.1.aarch64","product":{"name":"kselftests-kmp-default-4.4.180-94.171.1.aarch64","product_id":"kselftests-kmp-default-4.4.180-94.171.1.aarch64"}},{"category":"product_version","name":"ocfs2-kmp-default-4.4.180-94.171.1.aarch64","product":{"name":"ocfs2-kmp-default-4.4.180-94.171.1.aarch64","product_id":"ocfs2-kmp-default-4.4.180-94.171.1.aarch64"}}],"category":"architecture","name":"aarch64"},{"branches":[{"category":"product_version","name":"kernel-devel-4.4.180-94.171.1.noarch","product":{"name":"kernel-devel-4.4.180-94.171.1.noarch","product_id":"kernel-devel-4.4.180-94.171.1.noarch"}},{"category":"product_version","name":"kernel-docs-4.4.180-94.171.2.noarch","product":{"name":"kernel-docs-4.4.180-94.171.2.noarch","product_id":"kernel-docs-4.4.180-94.171.2.noarch"}},{"category":"product_version","name":"kernel-docs-html-4.4.180-94.171.2.noarch","product":{"name":"kernel-docs-html-4.4.180-94.171.2.noarch","product_id":"kernel-docs-html-4.4.180-94.171.2.noarch"}},{"category":"product_version","name":"kernel-docs-pdf-4.4.180-94.171.2.noarch","product":{"name":"kernel-docs-pdf-4.4.180-94.171.2.noarch","product_id":"kernel-docs-pdf-4.4.180-94.171.2.noarch"}},{"category":"product_version","name":"kernel-macros-4.4.180-94.171.1.noarch","product":{"name":"kernel-macros-4.4.180-94.171.1.noarch","product_id":"kernel-macros-4.4.180-94.171.1.noarch"}},{"category":"product_version","name":"kernel-source-4.4.180-94.171.1.noarch","product":{"name":"kernel-source-4.4.180-94.171.1.noarch","product_id":"kernel-source-4.4.180-94.171.1.noarch"}},{"category":"product_version","name":"kernel-source-vanilla-4.4.180-94.171.1.noarch","product":{"name":"kernel-source-vanilla-4.4.180-94.171.1.noarch","product_id":"kernel-source-vanilla-4.4.180-94.171.1.noarch"}}],"category":"architecture","name":"noarch"},{"branches":[{"category":"product_version","name":"cluster-md-kmp-debug-4.4.180-94.171.1.ppc64le","product":{"name":"cluster-md-kmp-debug-4.4.180-94.171.1.ppc64le","product_id":"cluster-md-kmp-debug-4.4.180-94.171.1.ppc64le"}},{"category":"product_version","name":"cluster-md-kmp-default-4.4.180-94.171.1.ppc64le","product":{"name":"cluster-md-kmp-default-4.4.180-94.171.1.ppc64le","product_id":"cluster-md-kmp-default-4.4.180-94.171.1.ppc64le"}},{"category":"product_version","name":"dlm-kmp-debug-4.4.180-94.171.1.ppc64le","product":{"name":"dlm-kmp-debug-4.4.180-94.171.1.ppc64le","product_id":"dlm-kmp-debug-4.4.180-94.171.1.ppc64le"}},{"category":"product_version","name":"dlm-kmp-default-4.4.180-94.171.1.ppc64le","product":{"name":"dlm-kmp-default-4.4.180-94.171.1.ppc64le","product_id":"dlm-kmp-default-4.4.180-94.171.1.ppc64le"}},{"category":"product_version","name":"gfs2-kmp-debug-4.4.180-94.171.1.ppc64le","product":{"name":"gfs2-kmp-debug-4.4.180-94.171.1.ppc64le","product_id":"gfs2-kmp-debug-4.4.180-94.171.1.ppc64le"}},{"category":"product_version","name":"gfs2-kmp-default-4.4.180-94.171.1.ppc64le","product":{"name":"gfs2-kmp-default-4.4.180-94.171.1.ppc64le","product_id":"gfs2-kmp-default-4.4.180-94.171.1.ppc64le"}},{"category":"product_version","name":"kernel-debug-4.4.180-94.171.1.ppc64le","product":{"name":"kernel-debug-4.4.180-94.171.1.ppc64le","product_id":"kernel-debug-4.4.180-94.171.1.ppc64le"}},{"category":"product_version","name":"kernel-debug-base-4.4.180-94.171.1.ppc64le","product":{"name":"kernel-debug-base-4.4.180-94.171.1.ppc64le","product_id":"kernel-debug-base-4.4.180-94.171.1.ppc64le"}},{"category":"product_version","name":"kernel-debug-devel-4.4.180-94.171.1.ppc64le","product":{"name":"kernel-debug-devel-4.4.180-94.171.1.ppc64le","product_id":"kernel-debug-devel-4.4.180-94.171.1.ppc64le"}},{"category":"product_version","name":"kernel-debug-extra-4.4.180-94.171.1.ppc64le","product":{"name":"kernel-debug-extra-4.4.180-94.171.1.ppc64le","product_id":"kernel-debug-extra-4.4.180-94.171.1.ppc64le"}},{"category":"product_version","name":"kernel-debug-kgraft-4.4.180-94.171.1.ppc64le","product":{"name":"kernel-debug-kgraft-4.4.180-94.171.1.ppc64le","product_id":"kernel-debug-kgraft-4.4.180-94.171.1.ppc64le"}},{"category":"product_version","name":"kernel-default-4.4.180-94.171.1.ppc64le","product":{"name":"kernel-default-4.4.180-94.171.1.ppc64le","product_id":"kernel-default-4.4.180-94.171.1.ppc64le"}},{"category":"product_version","name":"kernel-default-base-4.4.180-94.171.1.ppc64le","product":{"name":"kernel-default-base-4.4.180-94.171.1.ppc64le","product_id":"kernel-default-base-4.4.180-94.171.1.ppc64le"}},{"category":"product_version","name":"kernel-default-devel-4.4.180-94.171.1.ppc64le","product":{"name":"kernel-default-devel-4.4.180-94.171.1.ppc64le","product_id":"kernel-default-devel-4.4.180-94.171.1.ppc64le"}},{"category":"product_version","name":"kernel-default-extra-4.4.180-94.171.1.ppc64le","product":{"name":"kernel-default-extra-4.4.180-94.171.1.ppc64le","product_id":"kernel-default-extra-4.4.180-94.171.1.ppc64le"}},{"category":"product_version","name":"kernel-default-kgraft-4.4.180-94.171.1.ppc64le","product":{"name":"kernel-default-kgraft-4.4.180-94.171.1.ppc64le","product_id":"kernel-default-kgraft-4.4.180-94.171.1.ppc64le"}},{"category":"product_version","name":"kernel-obs-build-4.4.180-94.171.1.ppc64le","product":{"name":"kernel-obs-build-4.4.180-94.171.1.ppc64le","product_id":"kernel-obs-build-4.4.180-94.171.1.ppc64le"}},{"category":"product_version","name":"kernel-obs-qa-4.4.180-94.171.1.ppc64le","product":{"name":"kernel-obs-qa-4.4.180-94.171.1.ppc64le","product_id":"kernel-obs-qa-4.4.180-94.171.1.ppc64le"}},{"category":"product_version","name":"kernel-syms-4.4.180-94.171.1.ppc64le","product":{"name":"kernel-syms-4.4.180-94.171.1.ppc64le","product_id":"kernel-syms-4.4.180-94.171.1.ppc64le"}},{"category":"product_version","name":"kernel-vanilla-4.4.180-94.171.1.ppc64le","product":{"name":"kernel-vanilla-4.4.180-94.171.1.ppc64le","product_id":"kernel-vanilla-4.4.180-94.171.1.ppc64le"}},{"category":"product_version","name":"kernel-vanilla-base-4.4.180-94.171.1.ppc64le","product":{"name":"kernel-vanilla-base-4.4.180-94.171.1.ppc64le","product_id":"kernel-vanilla-base-4.4.180-94.171.1.ppc64le"}},{"category":"product_version","name":"kernel-vanilla-devel-4.4.180-94.171.1.ppc64le","product":{"name":"kernel-vanilla-devel-4.4.180-94.171.1.ppc64le","product_id":"kernel-vanilla-devel-4.4.180-94.171.1.ppc64le"}},{"category":"product_version","name":"kselftests-kmp-debug-4.4.180-94.171.1.ppc64le","product":{"name":"kselftests-kmp-debug-4.4.180-94.171.1.ppc64le","product_id":"kselftests-kmp-debug-4.4.180-94.171.1.ppc64le"}},{"category":"product_version","name":"kselftests-kmp-default-4.4.180-94.171.1.ppc64le","product":{"name":"kselftests-kmp-default-4.4.180-94.171.1.ppc64le","product_id":"kselftests-kmp-default-4.4.180-94.171.1.ppc64le"}},{"category":"product_version","name":"ocfs2-kmp-debug-4.4.180-94.171.1.ppc64le","product":{"name":"ocfs2-kmp-debug-4.4.180-94.171.1.ppc64le","product_id":"ocfs2-kmp-debug-4.4.180-94.171.1.ppc64le"}},{"category":"product_version","name":"ocfs2-kmp-default-4.4.180-94.171.1.ppc64le","product":{"name":"ocfs2-kmp-default-4.4.180-94.171.1.ppc64le","product_id":"ocfs2-kmp-default-4.4.180-94.171.1.ppc64le"}}],"category":"architecture","name":"ppc64le"},{"branches":[{"category":"product_version","name":"cluster-md-kmp-default-4.4.180-94.171.1.s390x","product":{"name":"cluster-md-kmp-default-4.4.180-94.171.1.s390x","product_id":"cluster-md-kmp-default-4.4.180-94.171.1.s390x"}},{"category":"product_version","name":"dlm-kmp-default-4.4.180-94.171.1.s390x","product":{"name":"dlm-kmp-default-4.4.180-94.171.1.s390x","product_id":"dlm-kmp-default-4.4.180-94.171.1.s390x"}},{"category":"product_version","name":"gfs2-kmp-default-4.4.180-94.171.1.s390x","product":{"name":"gfs2-kmp-default-4.4.180-94.171.1.s390x","product_id":"gfs2-kmp-default-4.4.180-94.171.1.s390x"}},{"category":"product_version","name":"kernel-default-4.4.180-94.171.1.s390x","product":{"name":"kernel-default-4.4.180-94.171.1.s390x","product_id":"kernel-default-4.4.180-94.171.1.s390x"}},{"category":"product_version","name":"kernel-default-base-4.4.180-94.171.1.s390x","product":{"name":"kernel-default-base-4.4.180-94.171.1.s390x","product_id":"kernel-default-base-4.4.180-94.171.1.s390x"}},{"category":"product_version","name":"kernel-default-devel-4.4.180-94.171.1.s390x","product":{"name":"kernel-default-devel-4.4.180-94.171.1.s390x","product_id":"kernel-default-devel-4.4.180-94.171.1.s390x"}},{"category":"product_version","name":"kernel-default-extra-4.4.180-94.171.1.s390x","product":{"name":"kernel-default-extra-4.4.180-94.171.1.s390x","product_id":"kernel-default-extra-4.4.180-94.171.1.s390x"}},{"category":"product_version","name":"kernel-default-kgraft-4.4.180-94.171.1.s390x","product":{"name":"kernel-default-kgraft-4.4.180-94.171.1.s390x","product_id":"kernel-default-kgraft-4.4.180-94.171.1.s390x"}},{"category":"product_version","name":"kernel-default-man-4.4.180-94.171.1.s390x","product":{"name":"kernel-default-man-4.4.180-94.171.1.s390x","product_id":"kernel-default-man-4.4.180-94.171.1.s390x"}},{"category":"product_version","name":"kernel-obs-build-4.4.180-94.171.1.s390x","product":{"name":"kernel-obs-build-4.4.180-94.171.1.s390x","product_id":"kernel-obs-build-4.4.180-94.171.1.s390x"}},{"category":"product_version","name":"kernel-obs-qa-4.4.180-94.171.1.s390x","product":{"name":"kernel-obs-qa-4.4.180-94.171.1.s390x","product_id":"kernel-obs-qa-4.4.180-94.171.1.s390x"}},{"category":"product_version","name":"kernel-syms-4.4.180-94.171.1.s390x","product":{"name":"kernel-syms-4.4.180-94.171.1.s390x","product_id":"kernel-syms-4.4.180-94.171.1.s390x"}},{"category":"product_version","name":"kernel-vanilla-4.4.180-94.171.1.s390x","product":{"name":"kernel-vanilla-4.4.180-94.171.1.s390x","product_id":"kernel-vanilla-4.4.180-94.171.1.s390x"}},{"category":"product_version","name":"kernel-vanilla-base-4.4.180-94.171.1.s390x","product":{"name":"kernel-vanilla-base-4.4.180-94.171.1.s390x","product_id":"kernel-vanilla-base-4.4.180-94.171.1.s390x"}},{"category":"product_version","name":"kernel-vanilla-devel-4.4.180-94.171.1.s390x","product":{"name":"kernel-vanilla-devel-4.4.180-94.171.1.s390x","product_id":"kernel-vanilla-devel-4.4.180-94.171.1.s390x"}},{"category":"product_version","name":"kernel-zfcpdump-4.4.180-94.171.1.s390x","product":{"name":"kernel-zfcpdump-4.4.180-94.171.1.s390x","product_id":"kernel-zfcpdump-4.4.180-94.171.1.s390x"}},{"category":"product_version","name":"kselftests-kmp-default-4.4.180-94.171.1.s390x","product":{"name":"kselftests-kmp-default-4.4.180-94.171.1.s390x","product_id":"kselftests-kmp-default-4.4.180-94.171.1.s390x"}},{"category":"product_version","name":"ocfs2-kmp-default-4.4.180-94.171.1.s390x","product":{"name":"ocfs2-kmp-default-4.4.180-94.171.1.s390x","product_id":"ocfs2-kmp-default-4.4.180-94.171.1.s390x"}}],"category":"architecture","name":"s390x"},{"branches":[{"category":"product_version","name":"cluster-md-kmp-debug-4.4.180-94.171.1.x86_64","product":{"name":"cluster-md-kmp-debug-4.4.180-94.171.1.x86_64","product_id":"cluster-md-kmp-debug-4.4.180-94.171.1.x86_64"}},{"category":"product_version","name":"cluster-md-kmp-default-4.4.180-94.171.1.x86_64","product":{"name":"cluster-md-kmp-default-4.4.180-94.171.1.x86_64","product_id":"cluster-md-kmp-default-4.4.180-94.171.1.x86_64"}},{"category":"product_version","name":"dlm-kmp-debug-4.4.180-94.171.1.x86_64","product":{"name":"dlm-kmp-debug-4.4.180-94.171.1.x86_64","product_id":"dlm-kmp-debug-4.4.180-94.171.1.x86_64"}},{"category":"product_version","name":"dlm-kmp-default-4.4.180-94.171.1.x86_64","product":{"name":"dlm-kmp-default-4.4.180-94.171.1.x86_64","product_id":"dlm-kmp-default-4.4.180-94.171.1.x86_64"}},{"category":"product_version","name":"gfs2-kmp-debug-4.4.180-94.171.1.x86_64","product":{"name":"gfs2-kmp-debug-4.4.180-94.171.1.x86_64","product_id":"gfs2-kmp-debug-4.4.180-94.171.1.x86_64"}},{"category":"product_version","name":"gfs2-kmp-default-4.4.180-94.171.1.x86_64","product":{"name":"gfs2-kmp-default-4.4.180-94.171.1.x86_64","product_id":"gfs2-kmp-default-4.4.180-94.171.1.x86_64"}},{"category":"product_version","name":"kernel-debug-4.4.180-94.171.1.x86_64","product":{"name":"kernel-debug-4.4.180-94.171.1.x86_64","product_id":"kernel-debug-4.4.180-94.171.1.x86_64"}},{"category":"product_version","name":"kernel-debug-base-4.4.180-94.171.1.x86_64","product":{"name":"kernel-debug-base-4.4.180-94.171.1.x86_64","product_id":"kernel-debug-base-4.4.180-94.171.1.x86_64"}},{"category":"product_version","name":"kernel-debug-devel-4.4.180-94.171.1.x86_64","product":{"name":"kernel-debug-devel-4.4.180-94.171.1.x86_64","product_id":"kernel-debug-devel-4.4.180-94.171.1.x86_64"}},{"category":"product_version","name":"kernel-debug-extra-4.4.180-94.171.1.x86_64","product":{"name":"kernel-debug-extra-4.4.180-94.171.1.x86_64","product_id":"kernel-debug-extra-4.4.180-94.171.1.x86_64"}},{"category":"product_version","name":"kernel-debug-kgraft-4.4.180-94.171.1.x86_64","product":{"name":"kernel-debug-kgraft-4.4.180-94.171.1.x86_64","product_id":"kernel-debug-kgraft-4.4.180-94.171.1.x86_64"}},{"category":"product_version","name":"kernel-default-4.4.180-94.171.1.x86_64","product":{"name":"kernel-default-4.4.180-94.171.1.x86_64","product_id":"kernel-default-4.4.180-94.171.1.x86_64"}},{"category":"product_version","name":"kernel-default-base-4.4.180-94.171.1.x86_64","product":{"name":"kernel-default-base-4.4.180-94.171.1.x86_64","product_id":"kernel-default-base-4.4.180-94.171.1.x86_64"}},{"category":"product_version","name":"kernel-default-devel-4.4.180-94.171.1.x86_64","product":{"name":"kernel-default-devel-4.4.180-94.171.1.x86_64","product_id":"kernel-default-devel-4.4.180-94.171.1.x86_64"}},{"category":"product_version","name":"kernel-default-extra-4.4.180-94.171.1.x86_64","product":{"name":"kernel-default-extra-4.4.180-94.171.1.x86_64","product_id":"kernel-default-extra-4.4.180-94.171.1.x86_64"}},{"category":"product_version","name":"kernel-default-kgraft-4.4.180-94.171.1.x86_64","product":{"name":"kernel-default-kgraft-4.4.180-94.171.1.x86_64","product_id":"kernel-default-kgraft-4.4.180-94.171.1.x86_64"}},{"category":"product_version","name":"kernel-obs-build-4.4.180-94.171.1.x86_64","product":{"name":"kernel-obs-build-4.4.180-94.171.1.x86_64","product_id":"kernel-obs-build-4.4.180-94.171.1.x86_64"}},{"category":"product_version","name":"kernel-obs-qa-4.4.180-94.171.1.x86_64","product":{"name":"kernel-obs-qa-4.4.180-94.171.1.x86_64","product_id":"kernel-obs-qa-4.4.180-94.171.1.x86_64"}},{"category":"product_version","name":"kernel-syms-4.4.180-94.171.1.x86_64","product":{"name":"kernel-syms-4.4.180-94.171.1.x86_64","product_id":"kernel-syms-4.4.180-94.171.1.x86_64"}},{"category":"product_version","name":"kernel-vanilla-4.4.180-94.171.1.x86_64","product":{"name":"kernel-vanilla-4.4.180-94.171.1.x86_64","product_id":"kernel-vanilla-4.4.180-94.171.1.x86_64"}},{"category":"product_version","name":"kernel-vanilla-base-4.4.180-94.171.1.x86_64","product":{"name":"kernel-vanilla-base-4.4.180-94.171.1.x86_64","product_id":"kernel-vanilla-base-4.4.180-94.171.1.x86_64"}},{"category":"product_version","name":"kernel-vanilla-devel-4.4.180-94.171.1.x86_64","product":{"name":"kernel-vanilla-devel-4.4.180-94.171.1.x86_64","product_id":"kernel-vanilla-devel-4.4.180-94.171.1.x86_64"}},{"category":"product_version","name":"kselftests-kmp-debug-4.4.180-94.171.1.x86_64","product":{"name":"kselftests-kmp-debug-4.4.180-94.171.1.x86_64","product_id":"kselftests-kmp-debug-4.4.180-94.171.1.x86_64"}},{"category":"product_version","name":"kselftests-kmp-default-4.4.180-94.171.1.x86_64","product":{"name":"kselftests-kmp-default-4.4.180-94.171.1.x86_64","product_id":"kselftests-kmp-default-4.4.180-94.171.1.x86_64"}},{"category":"product_version","name":"ocfs2-kmp-debug-4.4.180-94.171.1.x86_64","product":{"name":"ocfs2-kmp-debug-4.4.180-94.171.1.x86_64","product_id":"ocfs2-kmp-debug-4.4.180-94.171.1.x86_64"}},{"category":"product_version","name":"ocfs2-kmp-default-4.4.180-94.171.1.x86_64","product":{"name":"ocfs2-kmp-default-4.4.180-94.171.1.x86_64","product_id":"ocfs2-kmp-default-4.4.180-94.171.1.x86_64"}}],"category":"architecture","name":"x86_64"},{"branches":[{"category":"product_name","name":"SUSE Linux Enterprise Server 12 SP3-BCL","product":{"name":"SUSE Linux Enterprise Server 12 SP3-BCL","product_id":"SUSE Linux Enterprise Server 12 SP3-BCL","product_identification_helper":{"cpe":"cpe:/o:suse:sles-bcl:12:sp3"}}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"kernel-default-4.4.180-94.171.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL","product_id":"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.171.1.x86_64"},"product_reference":"kernel-default-4.4.180-94.171.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP3-BCL"},{"category":"default_component_of","full_product_name":{"name":"kernel-default-base-4.4.180-94.171.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL","product_id":"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.171.1.x86_64"},"product_reference":"kernel-default-base-4.4.180-94.171.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP3-BCL"},{"category":"default_component_of","full_product_name":{"name":"kernel-default-devel-4.4.180-94.171.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL","product_id":"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.171.1.x86_64"},"product_reference":"kernel-default-devel-4.4.180-94.171.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP3-BCL"},{"category":"default_component_of","full_product_name":{"name":"kernel-devel-4.4.180-94.171.1.noarch as component of SUSE Linux Enterprise Server 12 SP3-BCL","product_id":"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.171.1.noarch"},"product_reference":"kernel-devel-4.4.180-94.171.1.noarch","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP3-BCL"},{"category":"default_component_of","full_product_name":{"name":"kernel-macros-4.4.180-94.171.1.noarch as component of SUSE Linux Enterprise Server 12 SP3-BCL","product_id":"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.171.1.noarch"},"product_reference":"kernel-macros-4.4.180-94.171.1.noarch","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP3-BCL"},{"category":"default_component_of","full_product_name":{"name":"kernel-source-4.4.180-94.171.1.noarch as component of SUSE Linux Enterprise Server 12 SP3-BCL","product_id":"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.171.1.noarch"},"product_reference":"kernel-source-4.4.180-94.171.1.noarch","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP3-BCL"},{"category":"default_component_of","full_product_name":{"name":"kernel-syms-4.4.180-94.171.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL","product_id":"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.171.1.x86_64"},"product_reference":"kernel-syms-4.4.180-94.171.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP3-BCL"}]},"vulnerabilities":[{"cve":"CVE-2020-15393","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-15393"}],"notes":[{"category":"general","text":"In the Linux kernel 4.4 through 5.7.6, usbtest_disconnect in drivers/usb/misc/usbtest.c has a memory leak, aka CID-28ebeb8db770.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.171.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-15393","url":"https://www.suse.com/security/cve/CVE-2020-15393"},{"category":"external","summary":"SUSE Bug 1173514 for CVE-2020-15393","url":"https://bugzilla.suse.com/1173514"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.171.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":4.4,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","version":"3.1"},"products":["SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.171.1.x86_64"]}],"threats":[{"category":"impact","date":"2022-08-18T07:51:29Z","details":"moderate"}],"title":"CVE-2020-15393"},{"cve":"CVE-2020-36557","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-36557"}],"notes":[{"category":"general","text":"A race condition in the Linux kernel before 5.6.2 between the VT_DISALLOCATE ioctl and closing/opening of ttys could lead to a use-after-free.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.171.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-36557","url":"https://www.suse.com/security/cve/CVE-2020-36557"},{"category":"external","summary":"SUSE Bug 1201429 for CVE-2020-36557","url":"https://bugzilla.suse.com/1201429"},{"category":"external","summary":"SUSE Bug 1201742 for CVE-2020-36557","url":"https://bugzilla.suse.com/1201742"},{"category":"external","summary":"SUSE Bug 1202874 for CVE-2020-36557","url":"https://bugzilla.suse.com/1202874"},{"category":"external","summary":"SUSE Bug 1205313 for CVE-2020-36557","url":"https://bugzilla.suse.com/1205313"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.171.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.171.1.x86_64"]}],"threats":[{"category":"impact","date":"2022-08-18T07:51:29Z","details":"important"}],"title":"CVE-2020-36557"},{"cve":"CVE-2020-36558","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-36558"}],"notes":[{"category":"general","text":"A race condition in the Linux kernel before 5.5.7 involving VT_RESIZEX could lead to a NULL pointer dereference and general protection fault.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.171.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-36558","url":"https://www.suse.com/security/cve/CVE-2020-36558"},{"category":"external","summary":"SUSE Bug 1200910 for CVE-2020-36558","url":"https://bugzilla.suse.com/1200910"},{"category":"external","summary":"SUSE Bug 1201752 for CVE-2020-36558","url":"https://bugzilla.suse.com/1201752"},{"category":"external","summary":"SUSE Bug 1205313 for CVE-2020-36558","url":"https://bugzilla.suse.com/1205313"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.171.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.171.1.x86_64"]}],"threats":[{"category":"impact","date":"2022-08-18T07:51:29Z","details":"important"}],"title":"CVE-2020-36558"},{"cve":"CVE-2021-33655","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-33655"}],"notes":[{"category":"general","text":"When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.171.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-33655","url":"https://www.suse.com/security/cve/CVE-2021-33655"},{"category":"external","summary":"SUSE Bug 1201635 for CVE-2021-33655","url":"https://bugzilla.suse.com/1201635"},{"category":"external","summary":"SUSE Bug 1202087 for CVE-2021-33655","url":"https://bugzilla.suse.com/1202087"},{"category":"external","summary":"SUSE Bug 1205313 for CVE-2021-33655","url":"https://bugzilla.suse.com/1205313"},{"category":"external","summary":"SUSE Bug 1212291 for CVE-2021-33655","url":"https://bugzilla.suse.com/1212291"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.171.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.171.1.x86_64"]}],"threats":[{"category":"impact","date":"2022-08-18T07:51:29Z","details":"important"}],"title":"CVE-2021-33655"},{"cve":"CVE-2021-33656","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-33656"}],"notes":[{"category":"general","text":"When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out of bounds.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.171.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-33656","url":"https://www.suse.com/security/cve/CVE-2021-33656"},{"category":"external","summary":"SUSE Bug 1201636 for CVE-2021-33656","url":"https://bugzilla.suse.com/1201636"},{"category":"external","summary":"SUSE Bug 1212286 for CVE-2021-33656","url":"https://bugzilla.suse.com/1212286"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.171.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H","version":"3.1"},"products":["SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.171.1.x86_64"]}],"threats":[{"category":"impact","date":"2022-08-18T07:51:29Z","details":"moderate"}],"title":"CVE-2021-33656"},{"cve":"CVE-2021-39713","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-39713"}],"notes":[{"category":"general","text":"Product: AndroidVersions: Android kernelAndroid ID: A-173788806References: Upstream kernel","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.171.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-39713","url":"https://www.suse.com/security/cve/CVE-2021-39713"},{"category":"external","summary":"SUSE Bug 1196973 for CVE-2021-39713","url":"https://bugzilla.suse.com/1196973"},{"category":"external","summary":"SUSE Bug 1197211 for CVE-2021-39713","url":"https://bugzilla.suse.com/1197211"},{"category":"external","summary":"SUSE Bug 1201790 for CVE-2021-39713","url":"https://bugzilla.suse.com/1201790"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.171.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.4,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.171.1.x86_64"]}],"threats":[{"category":"impact","date":"2022-08-18T07:51:29Z","details":"important"}],"title":"CVE-2021-39713"},{"cve":"CVE-2022-1462","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2022-1462"}],"notes":[{"category":"general","text":"An out-of-bounds read flaw was found in the Linux kernel's TeleTYpe subsystem. The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory in the flush_to_ldisc function. This flaw allows a local user to crash the system or read unauthorized random data from memory.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.171.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2022-1462","url":"https://www.suse.com/security/cve/CVE-2022-1462"},{"category":"external","summary":"SUSE Bug 1198829 for CVE-2022-1462","url":"https://bugzilla.suse.com/1198829"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.171.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H","version":"3.1"},"products":["SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.171.1.x86_64"]}],"threats":[{"category":"impact","date":"2022-08-18T07:51:29Z","details":"moderate"}],"title":"CVE-2022-1462"},{"cve":"CVE-2022-20166","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2022-20166"}],"notes":[{"category":"general","text":"In various methods of kernel base drivers, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-182388481References: Upstream kernel","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.171.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2022-20166","url":"https://www.suse.com/security/cve/CVE-2022-20166"},{"category":"external","summary":"SUSE Bug 1200598 for CVE-2022-20166","url":"https://bugzilla.suse.com/1200598"},{"category":"external","summary":"SUSE Bug 1212284 for CVE-2022-20166","url":"https://bugzilla.suse.com/1212284"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.171.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.1,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H","version":"3.1"},"products":["SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.171.1.x86_64"]}],"threats":[{"category":"impact","date":"2022-08-18T07:51:29Z","details":"moderate"}],"title":"CVE-2022-20166"},{"cve":"CVE-2022-2318","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2022-2318"}],"notes":[{"category":"general","text":"There are use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c of linux that allow attackers to crash linux kernel without any privileges.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.171.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2022-2318","url":"https://www.suse.com/security/cve/CVE-2022-2318"},{"category":"external","summary":"SUSE Bug 1201251 for CVE-2022-2318","url":"https://bugzilla.suse.com/1201251"},{"category":"external","summary":"SUSE Bug 1212303 for CVE-2022-2318","url":"https://bugzilla.suse.com/1212303"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.171.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":5.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","version":"3.1"},"products":["SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.171.1.x86_64"]}],"threats":[{"category":"impact","date":"2022-08-18T07:51:29Z","details":"moderate"}],"title":"CVE-2022-2318"},{"cve":"CVE-2022-26365","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2022-26365"}],"notes":[{"category":"general","text":"Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). Additionally the granularity of the grant table doesn't allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend (CVE-2022-33741, CVE-2022-33742).","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.171.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2022-26365","url":"https://www.suse.com/security/cve/CVE-2022-26365"},{"category":"external","summary":"SUSE Bug 1200762 for CVE-2022-26365","url":"https://bugzilla.suse.com/1200762"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.171.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.6,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H","version":"3.1"},"products":["SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.171.1.x86_64"]}],"threats":[{"category":"impact","date":"2022-08-18T07:51:29Z","details":"moderate"}],"title":"CVE-2022-26365"},{"cve":"CVE-2022-33740","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2022-33740"}],"notes":[{"category":"general","text":"Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). Additionally the granularity of the grant table doesn't allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend (CVE-2022-33741, CVE-2022-33742).","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.171.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2022-33740","url":"https://www.suse.com/security/cve/CVE-2022-33740"},{"category":"external","summary":"SUSE Bug 1200762 for CVE-2022-33740","url":"https://bugzilla.suse.com/1200762"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.171.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.6,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H","version":"3.1"},"products":["SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.171.1.x86_64"]}],"threats":[{"category":"impact","date":"2022-08-18T07:51:29Z","details":"moderate"}],"title":"CVE-2022-33740"},{"cve":"CVE-2022-33741","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2022-33741"}],"notes":[{"category":"general","text":"Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). Additionally the granularity of the grant table doesn't allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend (CVE-2022-33741, CVE-2022-33742).","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.171.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2022-33741","url":"https://www.suse.com/security/cve/CVE-2022-33741"},{"category":"external","summary":"SUSE Bug 1200762 for CVE-2022-33741","url":"https://bugzilla.suse.com/1200762"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.171.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.6,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H","version":"3.1"},"products":["SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.171.1.x86_64"]}],"threats":[{"category":"impact","date":"2022-08-18T07:51:29Z","details":"moderate"}],"title":"CVE-2022-33741"},{"cve":"CVE-2022-33742","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2022-33742"}],"notes":[{"category":"general","text":"Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). Additionally the granularity of the grant table doesn't allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend (CVE-2022-33741, CVE-2022-33742).","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.171.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2022-33742","url":"https://www.suse.com/security/cve/CVE-2022-33742"},{"category":"external","summary":"SUSE Bug 1200762 for CVE-2022-33742","url":"https://bugzilla.suse.com/1200762"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.171.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.6,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H","version":"3.1"},"products":["SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.171.1.x86_64"]}],"threats":[{"category":"impact","date":"2022-08-18T07:51:29Z","details":"moderate"}],"title":"CVE-2022-33742"},{"cve":"CVE-2022-36946","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2022-36946"}],"notes":[{"category":"general","text":"nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.171.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2022-36946","url":"https://www.suse.com/security/cve/CVE-2022-36946"},{"category":"external","summary":"SUSE Bug 1201940 for CVE-2022-36946","url":"https://bugzilla.suse.com/1201940"},{"category":"external","summary":"SUSE Bug 1201941 for CVE-2022-36946","url":"https://bugzilla.suse.com/1201941"},{"category":"external","summary":"SUSE Bug 1202312 for CVE-2022-36946","url":"https://bugzilla.suse.com/1202312"},{"category":"external","summary":"SUSE Bug 1202874 for CVE-2022-36946","url":"https://bugzilla.suse.com/1202874"},{"category":"external","summary":"SUSE Bug 1203208 for CVE-2022-36946","url":"https://bugzilla.suse.com/1203208"},{"category":"external","summary":"SUSE Bug 1204132 for CVE-2022-36946","url":"https://bugzilla.suse.com/1204132"},{"category":"external","summary":"SUSE Bug 1205313 for CVE-2022-36946","url":"https://bugzilla.suse.com/1205313"},{"category":"external","summary":"SUSE Bug 1212310 for CVE-2022-36946","url":"https://bugzilla.suse.com/1212310"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.171.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.5,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"},"products":["SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.171.1.x86_64","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.171.1.noarch","SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.171.1.x86_64"]}],"threats":[{"category":"impact","date":"2022-08-18T07:51:29Z","details":"important"}],"title":"CVE-2022-36946"}]}