SUSE-SU-2017:0471-1

Source
https://www.suse.com/support/update/announcement/2017/suse-su-20170471-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2017:0471-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2017:0471-1
Related
Published
2017-02-15T16:20:32Z
Modified
2017-02-15T16:20:32Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 12 GA LTSS kernel was updated to 3.12.61 to receive various security and bugfixes.

The following feature was implemented:

  • The ext2 filesystem got reenabled and supported to allow support for 'XIP' (Execute In Place) (FATE#320805).

The following security bugs were fixed:

  • CVE-2017-5551: The tmpfs filesystem implementation in the Linux kernel preserved the setgid bit during a setxattr call, which allowed local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions (bsc#1021258).
  • CVE-2016-7097: The filesystem implementation in the Linux kernel preserved the setgid bit during a setxattr call, which allowed local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions (bnc#995968).
  • CVE-2017-2583: A Linux kernel built with the Kernel-based Virtual Machine (CONFIG_KVM) support was vulnerable to an incorrect segment selector(SS) value error. A user/process inside guest could have used this flaw to crash the guest resulting in DoS or potentially escalate their privileges inside guest. (bsc#1020602).
  • CVE-2017-2584: arch/x86/kvm/emulate.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free) via a crafted application that leverages instruction emulation for fxrstor, fxsave, sgdt, and sidt (bnc#1019851).
  • CVE-2016-10088: The sg implementation in the Linux kernel did not properly restrict write operations in situations where the KERNEL_DS option is set, which allowed local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device, related to block/bsg.c and drivers/scsi/sg.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9576 (bnc#1017710).
  • CVE-2016-8645: The TCP stack in the Linux kernel mishandled skb truncation, which allowed local users to cause a denial of service (system crash) via a crafted application that made sendto system calls, related to net/ipv4/tcpipv4.c and net/ipv6/tcpipv6.c (bnc#1009969).
  • CVE-2016-8399: An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and current compiler optimizations restrict access to the vulnerable code. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31349935 (bnc#1014746).
  • CVE-2016-9806: Race condition in the netlinkdump function in net/netlink/afnetlink.c in the Linux kernel allowed local users to cause a denial of service (double free) or possibly have unspecified other impact via a crafted application that made sendmsg system calls, leading to a free operation associated with a new dump that started earlier than anticipated (bnc#1013540).
  • CVE-2016-9756: arch/x86/kvm/emulate.c in the Linux kernel did not properly initialize Code Segment (CS) in certain error cases, which allowed local users to obtain sensitive information from kernel stack memory via a crafted application (bnc#1013038).
  • CVE-2016-9793: The socksetsockopt function in net/core/sock.c in the Linux kernel mishandled negative values of sksndbuf and skrcvbuf, which allowed local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAPNETADMIN capability for a crafted setsockopt system call with the (1) SOSNDBUFFORCE or (2) SO_RCVBUFFORCE option (bnc#1013531).
  • CVE-2016-7910: Use-after-free vulnerability in the diskseqfstop function in block/genhd.c in the Linux kernel allowed local users to gain privileges by leveraging the execution of a certain stop operation even if the corresponding start operation had failed (bnc#1010716).
  • CVE-2015-8962: Double free vulnerability in the sgcommonwrite function in drivers/scsi/sg.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (memory corruption and system crash) by detaching a device during an SG_IO ioctl call (bnc#1010501).
  • CVE-2016-7913: The xc2028setconfig function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) via vectors involving omission of the firmware name from a certain data structure (bnc#1010478).
  • CVE-2016-7911: Race condition in the gettaskioprio function in block/ioprio.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) via a crafted ioprio_get system call (bnc#1010711).
  • CVE-2015-8964: The ttysettermiosldisc function in drivers/tty/ttyldisc.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory by reading a tty data structure (bnc#1010507).
  • CVE-2015-8963: Race condition in kernel/events/core.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) by leveraging incorrect handling of an swevent data structure during a CPU unplug operation (bnc#1010502).
  • CVE-2016-7914: The assocarrayinsertintoterminalnode function in lib/assocarray.c in the Linux kernel did not check whether a slot is a leaf, which allowed local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dereference and out-of-bounds read) via an application that uses associative-array data structures, as demonstrated by the keyutils test suite (bnc#1010475).
  • CVE-2016-8633: drivers/firewire/net.c in the Linux kernel allowed remote attackers to execute arbitrary code via crafted fragmented packets (bnc#1008833).
  • CVE-2016-9083: drivers/vfio/pci/vfiopci.c in the Linux kernel allowed local users to bypass integer overflow checks, and cause a denial of service (memory corruption) or have unspecified other impact, by leveraging access to a vfio PCI device file for a VFIODEVICESETIRQS ioctl call, aka a 'state machine confusion bug (bnc#1007197).
  • CVE-2016-9084: drivers/vfio/pci/vfiopciintrs.c in the Linux kernel misused the kzalloc function, which allowed local users to cause a denial of service (integer overflow) or have unspecified other impact by leveraging access to a vfio PCI device file (bnc#1007197).
  • CVE-2016-7042: The prockeysshow function in security/keys/proc.c in the Linux kernel uses an incorrect buffer size for certain timeout data, which allowed local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file (bnc#1004517).
  • CVE-2015-8956: The rfcommsockbind function in net/bluetooth/rfcomm/sock.c in the Linux kernel allowed local users to obtain sensitive information or cause a denial of service (NULL pointer dereference) via vectors involving a bind system call on a Bluetooth RFCOMM socket (bnc#1003925).
  • CVE-2016-8658: Stack-based buffer overflow in the brcmfcfg80211start_ap function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel allowed local users to cause a denial of service (system crash) or possibly have unspecified other impact via a long SSID Information Element in a command to a Netlink socket (bnc#1004462).
  • CVE-2016-7425: The arcmsriopmessagexfer function in drivers/scsi/arcmsr/arcmsrhba.c in the Linux kernel did not restrict a certain length field, which allowed local users to gain privileges or cause a denial of service (heap-based buffer overflow) via an ARCMSRMESSAGEWRITE_WQBUFFER control code (bnc#999932).
  • CVE-2016-6327: drivers/infiniband/ulp/srpt/ibsrpt.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) by using an ABORTTASK command to abort a device write operation (bnc#994748).
  • CVE-2016-6828: The tcpchecksendhead function in include/net/tcp.h in the Linux kernel did not properly maintain certain SACK state after a failed data copy, which allowed local users to cause a denial of service (tcpxmitretransmitqueue use-after-free and system crash) via a crafted SACK option (bnc#994296).
  • CVE-2016-5696: net/ipv4/tcp_input.c in the Linux kernel did not properly determine the rate of challenge ACK segments, which made it easier for remote attackers to hijack TCP sessions via a blind in-window attack (bnc#989152).
  • CVE-2016-6130: Race condition in the sclpctlioctlsccb function in drivers/s390/char/sclpctl.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory by changing a certain length value, aka a 'double fetch' vulnerability (bnc#987542).
  • CVE-2016-6480: Race condition in the ioctlsendfib function in drivers/scsi/aacraid/commctrl.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds access or system crash) by changing a certain size value, aka a 'double fetch' vulnerability (bnc#991608).
  • CVE-2016-4998: The IPTSOSET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel allowed local users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from kernel heap memory by leveraging in-container root access to provide a crafted offset value that leads to crossing a ruleset blob boundary (bnc#986362 bnc#986365).
  • CVE-2016-5828: The start_thread function in arch/powerpc/kernel/process.c in the Linux kernel on powerpc platforms mishandled transactional state, which allowed local users to cause a denial of service (invalid process state or TM Bad Thing exception, and system crash) or possibly have unspecified other impact by starting and suspending a transaction before an exec system call (bnc#986569).
  • CVE-2014-9904: The sndcompresscheckinput function in sound/core/compressoffload.c in the ALSA subsystem in the Linux kernel did not properly check for an integer overflow, which allowed local users to cause a denial of service (insufficient memory allocation) or possibly have unspecified other impact via a crafted SNDRVCOMPRESSSET_PARAMS ioctl call (bnc#986811).
  • CVE-2016-5829: Multiple heap-based buffer overflows in the hiddevioctlusage function in drivers/hid/usbhid/hiddev.c in the Linux kernel allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl call (bnc#986572).
  • CVE-2016-4470: The keyrejectand_link function in security/keys/key.c in the Linux kernel did not ensure that a certain data structure is initialized, which allowed local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command (bnc#984755).

The following non-security bugs were fixed:

  • base: make modulecreatedrivers_dir race-free (bnc#983977).
  • btrfs-8448-improve-performance-on-fsync-against-new-inode.patch: Disable (bsc#981597).
  • btrfs: account for non-CoW'd blocks in btrfsaborttransaction (bsc#983619).
  • btrfs: be more precise on errors when getting an inode from disk (bsc#981038).
  • btrfs: do not create or leak aliased root while cleaning up orphans (bsc#994881).
  • btrfs: ensure that file descriptor used with subvol ioctls is a dir (bsc#999600).
  • btrfs: fix relocation incorrectly dropping data references (bsc#990384).
  • btrfs: handle quota reserve failure properly (bsc#1005666).
  • btrfs: improve performance on fsync against new inode after rename/unlink (bsc#981038).
  • btrfs: increment ctx->pos for every emitted or skipped dirent in readdir (bsc#981709).
  • btrfs: remove old treeroot dirent processing in btrfsreal_readdir() (bsc#981709).
  • cdc-acm: added sanity checking for probe() (bsc#993891).
  • ext2: Enable ext2 driver in config files (bsc#976195, fate#320805)
  • ext4: Add parameter for tuning handling of ext2 (bsc#976195).
  • ext4: Fixup handling for custom configs in tuning.
  • ftrace/x86: Set ftrace_stub to weak to prevent gcc from using short jumps to it (bsc#984419).
  • ipv6: Fix improper use or RCU in patches.kabi/ipv6-add-complete-rcu-protection-around-np-opt.kabi.patch. (bsc#961257)
  • ipv6: KABI workaround for ipv6: add complete rcu protection around np->opt.
  • kabi: prevent spurious modversion changes after bsc#982544 fix (bsc#982544).
  • kabi: reintroduce sk_filter (kabi).
  • kaweth: fix firmware download (bsc#993890).
  • kaweth: fix oops upon failed memory allocation (bsc#993890).
  • kgraft/iscsi-target: Do not block kGraft in iscsi_np kthread (bsc#1010612, fate#313296).
  • kgraft/xen: Do not block kGraft in xenbus kthread (bsc#1017410, fate#313296).
  • kgr: ignore zombie tasks during the patching (bnc#1008979).
  • mm/swap.c: flush lru pvecs on compound page arrival (bnc#983721).
  • mm: thp: fix SMP race condition between THP page fault and MADV_DONTNEED (VM Functionality, bnc#986445).
  • modsign: Print appropriate status message when accessing UEFI variable (bsc#958606).
  • mpi: Fix NULL ptr dereference in mpi_powm() [ver #3] (bsc#1011820).
  • mpt3sas: Fix panic when aer correct error occurred (bsc#997708, bsc#999943).
  • netfilter: allow logging fron non-init netns (bsc#970083).
  • netfilter: bridge: do not leak skb in error paths (bsc#982544).
  • netfilter: bridge: forward IPv6 fragmented packets (bsc#982544).
  • netfilter: bridge: Use _in6devget rather than in6devget in brvalidate_ipv6 (bsc#982544).
  • nfs: Do not write enable new pages while an invalidation is proceeding (bsc#999584).
  • nfs: Fix a regression in the read() syscall (bsc#999584).
  • pci/aer: Clear error status registers during enumeration and restore (bsc#985978).
  • ppp: defer netns reference release for ppp channel (bsc#980371).
  • reiserfs: fix race in prealloc discard (bsc#987576).
  • scsi: ibmvfc: Fix I/O hang when port is not mapped (bsc#971989)
  • scsi: Increase REPORT_LUNS timeout (bsc#982282).
  • series.conf: move stray netfilter patches to the right section
  • squashfs3: properly handle dir_emit() failures (bsc#998795).
  • supported.conf: Add ext2
  • timers: Use proper base migration in addtimeron() (bnc#993392).
  • tty: audit: Fix audit source (bsc#1016482).
  • tty: Prevent ldisc drivers from re-using stale tty fields (bnc#1010507).
  • usb: fix typo in wMaxPacketSize validation (bsc#991665).
  • usb: validate wMaxPacketValue entries in endpoint descriptors (bnc#991665).
  • xen: Fix refcnt regression in xen netback introduced by changes made for bug#881008 (bnc#978094)
  • xfs: allow lazy sb counter sync during filesystem freeze sequence (bsc#980560).
  • xfs: fixed signedness of error code in xfsinodebuf_verify (bsc#1003153).
  • xfs: fix premature enospc on inode allocation (bsc#984148).
  • xfs: get rid of XFSIALLOCBLOCKS macros (bsc#984148).
  • xfs: get rid of XFSINODECLUSTER_SIZE macros (bsc#984148).
  • xfs: refactor xlogrecoverprocess_data() (bsc#1019300).
  • xfs: Silence warnings in xfsvmreleasepage() (bnc#915183 bsc#987565).
  • xhci: silence warnings in switch (bnc#991665).
References

Affected packages

SUSE:Linux Enterprise Module for Public Cloud 12 / kernel-ec2

Package

Name
kernel-ec2
Purl
purl:rpm/suse/kernel-ec2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2012

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.12.61-52.66.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-ec2-extra": "3.12.61-52.66.1",
            "kernel-ec2": "3.12.61-52.66.1",
            "kernel-ec2-devel": "3.12.61-52.66.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 / kernel-default

Package

Name
kernel-default
Purl
purl:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.12.61-52.66.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "3.12.61-52.66.1",
            "kernel-devel": "3.12.61-52.66.1",
            "kernel-default-base": "3.12.61-52.66.1",
            "kernel-xen-devel": "3.12.61-52.66.1",
            "kernel-source": "3.12.61-52.66.1",
            "kgraft-patch-3_12_61-52_66-xen": "1-2.1",
            "kernel-default": "3.12.61-52.66.1",
            "kernel-xen-base": "3.12.61-52.66.1",
            "kernel-syms": "3.12.61-52.66.1",
            "kgraft-patch-3_12_61-52_66-default": "1-2.1",
            "kernel-xen": "3.12.61-52.66.1",
            "kernel-default-devel": "3.12.61-52.66.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 / kernel-source

Package

Name
kernel-source
Purl
purl:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.12.61-52.66.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "3.12.61-52.66.1",
            "kernel-devel": "3.12.61-52.66.1",
            "kernel-default-base": "3.12.61-52.66.1",
            "kernel-xen-devel": "3.12.61-52.66.1",
            "kernel-source": "3.12.61-52.66.1",
            "kgraft-patch-3_12_61-52_66-xen": "1-2.1",
            "kernel-default": "3.12.61-52.66.1",
            "kernel-xen-base": "3.12.61-52.66.1",
            "kernel-syms": "3.12.61-52.66.1",
            "kgraft-patch-3_12_61-52_66-default": "1-2.1",
            "kernel-xen": "3.12.61-52.66.1",
            "kernel-default-devel": "3.12.61-52.66.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 / kernel-syms

Package

Name
kernel-syms
Purl
purl:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.12.61-52.66.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "3.12.61-52.66.1",
            "kernel-devel": "3.12.61-52.66.1",
            "kernel-default-base": "3.12.61-52.66.1",
            "kernel-xen-devel": "3.12.61-52.66.1",
            "kernel-source": "3.12.61-52.66.1",
            "kgraft-patch-3_12_61-52_66-xen": "1-2.1",
            "kernel-default": "3.12.61-52.66.1",
            "kernel-xen-base": "3.12.61-52.66.1",
            "kernel-syms": "3.12.61-52.66.1",
            "kgraft-patch-3_12_61-52_66-default": "1-2.1",
            "kernel-xen": "3.12.61-52.66.1",
            "kernel-default-devel": "3.12.61-52.66.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 / kernel-xen

Package

Name
kernel-xen
Purl
purl:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.12.61-52.66.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "3.12.61-52.66.1",
            "kernel-devel": "3.12.61-52.66.1",
            "kernel-default-base": "3.12.61-52.66.1",
            "kernel-xen-devel": "3.12.61-52.66.1",
            "kernel-source": "3.12.61-52.66.1",
            "kgraft-patch-3_12_61-52_66-xen": "1-2.1",
            "kernel-default": "3.12.61-52.66.1",
            "kernel-xen-base": "3.12.61-52.66.1",
            "kernel-syms": "3.12.61-52.66.1",
            "kgraft-patch-3_12_61-52_66-default": "1-2.1",
            "kernel-xen": "3.12.61-52.66.1",
            "kernel-default-devel": "3.12.61-52.66.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 / kgraft-patch-SLE12_Update_19

Package

Name
kgraft-patch-SLE12_Update_19
Purl
purl:rpm/suse/kgraft-patch-SLE12_Update_19&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1-2.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "3.12.61-52.66.1",
            "kernel-devel": "3.12.61-52.66.1",
            "kernel-default-base": "3.12.61-52.66.1",
            "kernel-xen-devel": "3.12.61-52.66.1",
            "kernel-source": "3.12.61-52.66.1",
            "kgraft-patch-3_12_61-52_66-xen": "1-2.1",
            "kernel-default": "3.12.61-52.66.1",
            "kernel-xen-base": "3.12.61-52.66.1",
            "kernel-syms": "3.12.61-52.66.1",
            "kgraft-patch-3_12_61-52_66-default": "1-2.1",
            "kernel-xen": "3.12.61-52.66.1",
            "kernel-default-devel": "3.12.61-52.66.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12-LTSS / kernel-default

Package

Name
kernel-default
Purl
purl:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.12.61-52.66.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "3.12.61-52.66.1",
            "kernel-devel": "3.12.61-52.66.1",
            "kernel-default-base": "3.12.61-52.66.1",
            "kernel-default-man": "3.12.61-52.66.1",
            "kernel-xen-devel": "3.12.61-52.66.1",
            "kernel-source": "3.12.61-52.66.1",
            "kgraft-patch-3_12_61-52_66-xen": "1-2.1",
            "kernel-default": "3.12.61-52.66.1",
            "kernel-xen-base": "3.12.61-52.66.1",
            "kernel-syms": "3.12.61-52.66.1",
            "kgraft-patch-3_12_61-52_66-default": "1-2.1",
            "kernel-xen": "3.12.61-52.66.1",
            "kernel-default-devel": "3.12.61-52.66.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12-LTSS / kernel-source

Package

Name
kernel-source
Purl
purl:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.12.61-52.66.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "3.12.61-52.66.1",
            "kernel-devel": "3.12.61-52.66.1",
            "kernel-default-base": "3.12.61-52.66.1",
            "kernel-default-man": "3.12.61-52.66.1",
            "kernel-xen-devel": "3.12.61-52.66.1",
            "kernel-source": "3.12.61-52.66.1",
            "kgraft-patch-3_12_61-52_66-xen": "1-2.1",
            "kernel-default": "3.12.61-52.66.1",
            "kernel-xen-base": "3.12.61-52.66.1",
            "kernel-syms": "3.12.61-52.66.1",
            "kgraft-patch-3_12_61-52_66-default": "1-2.1",
            "kernel-xen": "3.12.61-52.66.1",
            "kernel-default-devel": "3.12.61-52.66.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12-LTSS / kernel-syms

Package

Name
kernel-syms
Purl
purl:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.12.61-52.66.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "3.12.61-52.66.1",
            "kernel-devel": "3.12.61-52.66.1",
            "kernel-default-base": "3.12.61-52.66.1",
            "kernel-default-man": "3.12.61-52.66.1",
            "kernel-xen-devel": "3.12.61-52.66.1",
            "kernel-source": "3.12.61-52.66.1",
            "kgraft-patch-3_12_61-52_66-xen": "1-2.1",
            "kernel-default": "3.12.61-52.66.1",
            "kernel-xen-base": "3.12.61-52.66.1",
            "kernel-syms": "3.12.61-52.66.1",
            "kgraft-patch-3_12_61-52_66-default": "1-2.1",
            "kernel-xen": "3.12.61-52.66.1",
            "kernel-default-devel": "3.12.61-52.66.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12-LTSS / kernel-xen

Package

Name
kernel-xen
Purl
purl:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.12.61-52.66.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "3.12.61-52.66.1",
            "kernel-devel": "3.12.61-52.66.1",
            "kernel-default-base": "3.12.61-52.66.1",
            "kernel-default-man": "3.12.61-52.66.1",
            "kernel-xen-devel": "3.12.61-52.66.1",
            "kernel-source": "3.12.61-52.66.1",
            "kgraft-patch-3_12_61-52_66-xen": "1-2.1",
            "kernel-default": "3.12.61-52.66.1",
            "kernel-xen-base": "3.12.61-52.66.1",
            "kernel-syms": "3.12.61-52.66.1",
            "kgraft-patch-3_12_61-52_66-default": "1-2.1",
            "kernel-xen": "3.12.61-52.66.1",
            "kernel-default-devel": "3.12.61-52.66.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12-LTSS / kgraft-patch-SLE12_Update_19

Package

Name
kgraft-patch-SLE12_Update_19
Purl
purl:rpm/suse/kgraft-patch-SLE12_Update_19&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1-2.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "3.12.61-52.66.1",
            "kernel-devel": "3.12.61-52.66.1",
            "kernel-default-base": "3.12.61-52.66.1",
            "kernel-default-man": "3.12.61-52.66.1",
            "kernel-xen-devel": "3.12.61-52.66.1",
            "kernel-source": "3.12.61-52.66.1",
            "kgraft-patch-3_12_61-52_66-xen": "1-2.1",
            "kernel-default": "3.12.61-52.66.1",
            "kernel-xen-base": "3.12.61-52.66.1",
            "kernel-syms": "3.12.61-52.66.1",
            "kgraft-patch-3_12_61-52_66-default": "1-2.1",
            "kernel-xen": "3.12.61-52.66.1",
            "kernel-default-devel": "3.12.61-52.66.1"
        }
    ]
}