Security update for the Linux Kernel SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2019:13937-1 Final 1 1 2019-01-29T12:13:02Z current 2019-01-29T12:13:02Z 2019-01-29T12:13:02Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for the Linux Kernel The SUSE Linux Enterprise 12 SP3 kernel was updated to 3.0.101 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-9516: In hid_debug_events_read of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation (bnc#1108498). - CVE-2018-19407: The vcpu_scan_ioapic function in arch/x86/kvm/x86.c allowed local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized (bnc#1116841). - CVE-2018-19985: The function hso_probe read if_num from the USB device (as an u8) and used it without a length check to index an array, resulting in an OOB memory read in hso_probe or hso_get_config_data that could be used by local attackers (bnc#1120743). - CVE-2018-20169: The USB subsystem mishandled size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c (bnc#1119714). - CVE-2018-9568: In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation (bnc#1118319). - CVE-2018-19824: A local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c (bnc#1118152). - CVE-2018-18281: The mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits access to a physical page after it has been released back to the page allocator and reused (bnc#1113769). - CVE-2018-18710: An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658 (bnc#1113751). - CVE-2018-18386: drivers/tty/n_tty.c allowed local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ (bnc#1094825). - CVE-2017-7273: The cp_report_fixup function in drivers/hid/hid-cypress.c allowed physically proximate attackers to cause a denial of service (integer underflow) or possibly have unspecified other impact via a crafted HID report (bnc#1031240). - CVE-2017-16533: The usbhid_parse function in drivers/hid/usbhid/hid-core.c allowed local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1066674). - CVE-2017-1000407: Fixed a denial of service, which was caused by flooding the diagnostic port 0x80 an exception leading to a kernel panic (bnc#1071021). The following non-security bugs were fixed: - ALSA: pcm: Fix potential deadlock in OSS emulation (bsc#968018, bsc#1104366). - cpusets, isolcpus: exclude isolcpus from load balancing in cpusets (bsc#1119255). - Drivers: scsi: storvsc: Change the limits to reflect the values on the host (bug#1107189). - drivers: scsi: storvsc: Correctly handle TEST_UNIT_READY failure (bug#1107189). - Drivers: scsi: storvsc: Filter commands based on the storage protocol version (bug#1107189). - Drivers: scsi: storvsc: Fix a bug in handling VMBUS protocol version (bug#1107189). - Drivers: scsi: storvsc: Implement a eh_timed_out handler (bug#1107189). - Drivers: scsi: storvsc: Set cmd_per_lun to reflect value supported by the Host (bug#1107189). - drivers: scsi: storvsc: Set srb_flags in all cases (bug#1107189). - EHCI: improved logic for isochronous scheduling (bsc#1117515). - ipv4: remove the unnecessary variable in udp_mcast_next (bsc#1104070). - KEYS: prevent creating a different user's keyrings (bnc#1094186). - KVM: x86: Fix the duplicate failure path handling in vmx_init (bsc#1104367). - MM: increase safety margin provided by PF_LESS_THROTTLE (bsc#1116412). - MM/vmscan.c: avoid throttling reclaim for loop-back nfsd threads (bsc#1116412). - net/ipv6/udp: Fix ipv6 multicast socket filter regression (bsc#1104070). - NFS: avoid deadlocks with loop-back mounted NFS filesystems (bsc#1116412). - NFS: avoid waiting at all in nfs_release_page when congested (bsc#1116412). - NFS: Do not write enable new pages while an invalidation is proceeding (bsc#1116412). - NFS: Fix a regression in the read() syscall (bsc#1116412). - NFS: Fix races in nfs_revalidate_mapping (bsc#1116412). - NFS: fix the handling of NFS_INO_INVALID_DATA flag in nfs_revalidate_mapping (bsc#1116412). - NFS: Fix writeback performance issue on cache invalidation (bsc#1116412). - reiserfs: do not preallocate blocks for extended attributes (bsc#990682). - reiserfs: fix race in readdir (bsc#1039803). - sched, isolcpu: make cpu_isolated_map visible outside scheduler (bsc#1119255). - scsi: storvsc: Always send on the selected outgoing channel (bug#1107189). - scsi: storvsc: Do not assume that the scatterlist is not chained (bug#1107189). - scsi: storvsc: Fix a bug in copy_from_bounce_buffer() (bug#1107189). - scsi: storvsc: Increase the ring buffer size (bug#1107189). - scsi: storvsc: Size the queue depth based on the ringbuffer size (bug#1107189). - storvsc: fix a bug in storvsc limits (bug#1107189). - storvsc: force discovery of LUNs that may have been removed (bug#1107189). - storvsc: get rid of overly verbose warning messages (bug#1107189). - storvsc: in responce to a scan event, scan the host (bug#1107189). - storvsc: Set the SRB flags correctly when no data transfer is needed (bug#1107189). - udp: ipv4: Add udp early demux (bsc#1104070). - udp: restore UDPlite many-cast delivery (bsc#1104070). - udp: Simplify __udp*_lib_mcast_deliver (bsc#1104070). - udp: Use hash2 for long hash1 chains in __udp*_lib_mcast_deliver (bsc#1104070). - USB: EHCI: add new root-hub state: STOPPING (bsc#1117515). - USB: EHCI: add pointer to end of async-unlink list (bsc#1117515). - USB: EHCI: add symbolic constants for QHs (bsc#1117515). - USB: EHCI: always scan each interrupt QH (bsc#1117515). - USB: EHCI: do not lose events during a scan (bsc#1117515). - USB: EHCI: do not refcount iso_stream structures (bsc#1117515). - USB: EHCI: do not refcount QHs (bsc#1117515). - USB: EHCI: fix initialization bug in iso_stream_schedule() (bsc#1117515). - USB: EHCI: fix up locking (bsc#1117515). - USB: EHCI: initialize data before resetting hardware (bsc#1117515). - USB: EHCI: introduce high-res timer (bsc#1117515). - USB: EHCI: remove PS3 status polling (bsc#1117515). - USB: EHCI: remove unneeded suspend/resume code (bsc#1117515). - USB: EHCI: rename 'reclaim' (bsc#1117515). - USB: EHCI: resolve some unlikely races (bsc#1117515). - USB: EHCI: return void instead of 0 (bsc#1117515). - USB: EHCI: simplify isochronous scanning (bsc#1117515). - USB: EHCI: unlink multiple async QHs together (bsc#1117515). - USB: EHCI: use hrtimer for async schedule (bsc#1117515). - USB: EHCI: use hrtimer for controller death (bsc#1117515). - USB: EHCI: use hrtimer for interrupt QH unlink (bsc#1117515). - USB: EHCI: use hrtimer for (s)iTD deallocation (bsc#1117515). - USB: EHCI: use hrtimer for the IAA watchdog (bsc#1117515). - USB: EHCI: use hrtimer for the I/O watchdog (bsc#1117515). - USB: EHCI: use hrtimer for the periodic schedule (bsc#1117515). - USB: EHCI: use hrtimer for unlinking empty async QHs (bsc#1117515). - XFS: do not BUG() on mixed direct and mapped I/O (bsc#1114920). - XFS: stop searching for free slots in an inode chunk when there are none (bsc#1115007). - XFS: validate sb_logsunit is a multiple of the fs blocksize (bsc#1115038). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). sleposp3-kernel-20190123-13937,slessp3-kernel-20190123-13937,slexsp3-kernel-20190123-13937 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2019/suse-su-201913937-1/ Link for SUSE-SU-2019:13937-1 https://lists.suse.com/pipermail/sle-security-updates/2019-January/005067.html E-Mail link for SUSE-SU-2019:13937-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1031240 SUSE Bug 1031240 https://bugzilla.suse.com/1039803 SUSE Bug 1039803 https://bugzilla.suse.com/1066674 SUSE Bug 1066674 https://bugzilla.suse.com/1071021 SUSE Bug 1071021 https://bugzilla.suse.com/1094186 SUSE Bug 1094186 https://bugzilla.suse.com/1094825 SUSE Bug 1094825 https://bugzilla.suse.com/1104070 SUSE Bug 1104070 https://bugzilla.suse.com/1104366 SUSE Bug 1104366 https://bugzilla.suse.com/1104367 SUSE Bug 1104367 https://bugzilla.suse.com/1107189 SUSE Bug 1107189 https://bugzilla.suse.com/1108498 SUSE Bug 1108498 https://bugzilla.suse.com/1109200 SUSE Bug 1109200 https://bugzilla.suse.com/1113201 SUSE Bug 1113201 https://bugzilla.suse.com/1113751 SUSE Bug 1113751 https://bugzilla.suse.com/1113769 SUSE Bug 1113769 https://bugzilla.suse.com/1114920 SUSE Bug 1114920 https://bugzilla.suse.com/1115007 SUSE Bug 1115007 https://bugzilla.suse.com/1115038 SUSE Bug 1115038 https://bugzilla.suse.com/1116412 SUSE Bug 1116412 https://bugzilla.suse.com/1116841 SUSE Bug 1116841 https://bugzilla.suse.com/1117515 SUSE Bug 1117515 https://bugzilla.suse.com/1118152 SUSE Bug 1118152 https://bugzilla.suse.com/1118319 SUSE Bug 1118319 https://bugzilla.suse.com/1119255 SUSE Bug 1119255 https://bugzilla.suse.com/1119714 SUSE Bug 1119714 https://bugzilla.suse.com/1120743 SUSE Bug 1120743 https://bugzilla.suse.com/905299 SUSE Bug 905299 https://bugzilla.suse.com/936875 SUSE Bug 936875 https://bugzilla.suse.com/968018 SUSE Bug 968018 https://bugzilla.suse.com/990682 SUSE Bug 990682 https://www.suse.com/security/cve/CVE-2017-1000407/ SUSE CVE CVE-2017-1000407 page https://www.suse.com/security/cve/CVE-2017-16533/ SUSE CVE CVE-2017-16533 page https://www.suse.com/security/cve/CVE-2017-7273/ SUSE CVE CVE-2017-7273 page https://www.suse.com/security/cve/CVE-2018-18281/ SUSE CVE CVE-2018-18281 page https://www.suse.com/security/cve/CVE-2018-18386/ SUSE CVE CVE-2018-18386 page https://www.suse.com/security/cve/CVE-2018-18710/ SUSE CVE CVE-2018-18710 page https://www.suse.com/security/cve/CVE-2018-19407/ SUSE CVE CVE-2018-19407 page https://www.suse.com/security/cve/CVE-2018-19824/ SUSE CVE CVE-2018-19824 page https://www.suse.com/security/cve/CVE-2018-19985/ SUSE CVE CVE-2018-19985 page https://www.suse.com/security/cve/CVE-2018-20169/ SUSE CVE CVE-2018-20169 page https://www.suse.com/security/cve/CVE-2018-9516/ SUSE CVE CVE-2018-9516 page https://www.suse.com/security/cve/CVE-2018-9568/ SUSE CVE CVE-2018-9568 page SUSE Linux Enterprise Point of Sale 11 SP3 SUSE Linux Enterprise Server 11 SP3-LTSS kernel-default-3.0.101-0.47.106.59.1 kernel-default-base-3.0.101-0.47.106.59.1 kernel-default-devel-3.0.101-0.47.106.59.1 kernel-ec2-3.0.101-0.47.106.59.1 kernel-ec2-base-3.0.101-0.47.106.59.1 kernel-ec2-devel-3.0.101-0.47.106.59.1 kernel-pae-3.0.101-0.47.106.59.1 kernel-pae-base-3.0.101-0.47.106.59.1 kernel-pae-devel-3.0.101-0.47.106.59.1 kernel-source-3.0.101-0.47.106.59.1 kernel-syms-3.0.101-0.47.106.59.1 kernel-trace-3.0.101-0.47.106.59.1 kernel-trace-base-3.0.101-0.47.106.59.1 kernel-trace-devel-3.0.101-0.47.106.59.1 kernel-xen-3.0.101-0.47.106.59.1 kernel-xen-base-3.0.101-0.47.106.59.1 kernel-xen-devel-3.0.101-0.47.106.59.1 kernel-bigsmp-3.0.101-0.47.106.59.1 kernel-bigsmp-base-3.0.101-0.47.106.59.1 kernel-bigsmp-devel-3.0.101-0.47.106.59.1 kernel-default-man-3.0.101-0.47.106.59.1 kernel-default-3.0.101-0.47.106.59.1 as a component of SUSE Linux Enterprise Point of Sale 11 SP3 kernel-default-base-3.0.101-0.47.106.59.1 as a component of SUSE Linux Enterprise Point of Sale 11 SP3 kernel-default-devel-3.0.101-0.47.106.59.1 as a component of SUSE Linux Enterprise Point of Sale 11 SP3 kernel-ec2-3.0.101-0.47.106.59.1 as a component of SUSE Linux Enterprise Point of Sale 11 SP3 kernel-ec2-base-3.0.101-0.47.106.59.1 as a component of SUSE Linux Enterprise Point of Sale 11 SP3 kernel-ec2-devel-3.0.101-0.47.106.59.1 as a component of SUSE Linux Enterprise Point of Sale 11 SP3 kernel-pae-3.0.101-0.47.106.59.1 as a component of SUSE Linux Enterprise Point of Sale 11 SP3 kernel-pae-base-3.0.101-0.47.106.59.1 as a component of SUSE Linux Enterprise Point of Sale 11 SP3 kernel-pae-devel-3.0.101-0.47.106.59.1 as a component of SUSE Linux Enterprise Point of Sale 11 SP3 kernel-source-3.0.101-0.47.106.59.1 as a component of SUSE Linux Enterprise Point of Sale 11 SP3 kernel-syms-3.0.101-0.47.106.59.1 as a component of SUSE Linux Enterprise Point of Sale 11 SP3 kernel-trace-3.0.101-0.47.106.59.1 as a component of SUSE Linux Enterprise Point of Sale 11 SP3 kernel-trace-base-3.0.101-0.47.106.59.1 as a component of SUSE Linux Enterprise Point of Sale 11 SP3 kernel-trace-devel-3.0.101-0.47.106.59.1 as a component of SUSE Linux Enterprise Point of Sale 11 SP3 kernel-xen-3.0.101-0.47.106.59.1 as a component of SUSE Linux Enterprise Point of Sale 11 SP3 kernel-xen-base-3.0.101-0.47.106.59.1 as a component of SUSE Linux Enterprise Point of Sale 11 SP3 kernel-xen-devel-3.0.101-0.47.106.59.1 as a component of SUSE Linux Enterprise Point of Sale 11 SP3 kernel-bigsmp-3.0.101-0.47.106.59.1 as a component of SUSE Linux Enterprise Server 11 SP3-LTSS kernel-bigsmp-base-3.0.101-0.47.106.59.1 as a component of SUSE Linux Enterprise Server 11 SP3-LTSS kernel-bigsmp-devel-3.0.101-0.47.106.59.1 as a component of SUSE Linux Enterprise Server 11 SP3-LTSS kernel-default-3.0.101-0.47.106.59.1 as a component of SUSE Linux Enterprise Server 11 SP3-LTSS kernel-default-base-3.0.101-0.47.106.59.1 as a component of SUSE Linux Enterprise Server 11 SP3-LTSS kernel-default-devel-3.0.101-0.47.106.59.1 as a component of SUSE Linux Enterprise Server 11 SP3-LTSS kernel-default-man-3.0.101-0.47.106.59.1 as a component of SUSE Linux Enterprise Server 11 SP3-LTSS kernel-ec2-3.0.101-0.47.106.59.1 as a component of SUSE Linux Enterprise Server 11 SP3-LTSS kernel-ec2-base-3.0.101-0.47.106.59.1 as a component of SUSE Linux Enterprise Server 11 SP3-LTSS kernel-ec2-devel-3.0.101-0.47.106.59.1 as a component of SUSE Linux Enterprise Server 11 SP3-LTSS kernel-pae-3.0.101-0.47.106.59.1 as a component of SUSE Linux Enterprise Server 11 SP3-LTSS kernel-pae-base-3.0.101-0.47.106.59.1 as a component of SUSE Linux Enterprise Server 11 SP3-LTSS kernel-pae-devel-3.0.101-0.47.106.59.1 as a component of SUSE Linux Enterprise Server 11 SP3-LTSS kernel-source-3.0.101-0.47.106.59.1 as a component of SUSE Linux Enterprise Server 11 SP3-LTSS kernel-syms-3.0.101-0.47.106.59.1 as a component of SUSE Linux Enterprise Server 11 SP3-LTSS kernel-trace-3.0.101-0.47.106.59.1 as a component of SUSE Linux Enterprise Server 11 SP3-LTSS kernel-trace-base-3.0.101-0.47.106.59.1 as a component of SUSE Linux Enterprise Server 11 SP3-LTSS kernel-trace-devel-3.0.101-0.47.106.59.1 as a component of SUSE Linux Enterprise Server 11 SP3-LTSS kernel-xen-3.0.101-0.47.106.59.1 as a component of SUSE Linux Enterprise Server 11 SP3-LTSS kernel-xen-base-3.0.101-0.47.106.59.1 as a component of SUSE Linux Enterprise Server 11 SP3-LTSS kernel-xen-devel-3.0.101-0.47.106.59.1 as a component of SUSE Linux Enterprise Server 11 SP3-LTSS The Linux Kernel 2.6.32 and later are affected by a denial of service, by flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic. CVE-2017-1000407 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-source-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-syms-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-man-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.59.1 moderate 4.7 AV:L/AC:M/Au:N/C:N/I:N/A:C 6.1 AV:A/AC:L/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2019/suse-su-201913937-1/ https://www.suse.com/security/cve/CVE-2017-1000407.html CVE-2017-1000407 https://bugzilla.suse.com/1071021 SUSE Bug 1071021 The usbhid_parse function in drivers/hid/usbhid/hid-core.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device. CVE-2017-16533 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-source-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-syms-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-man-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.59.1 moderate 4.7 AV:L/AC:M/Au:N/C:N/I:N/A:C 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2019/suse-su-201913937-1/ https://www.suse.com/security/cve/CVE-2017-16533.html CVE-2017-16533 https://bugzilla.suse.com/1066674 SUSE Bug 1066674 https://bugzilla.suse.com/1087082 SUSE Bug 1087082 https://bugzilla.suse.com/1146519 SUSE Bug 1146519 The cp_report_fixup function in drivers/hid/hid-cypress.c in the Linux kernel 3.2 and 4.x before 4.9.4 allows physically proximate attackers to cause a denial of service (integer underflow) or possibly have unspecified other impact via a crafted HID report. CVE-2017-7273 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-source-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-syms-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-man-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.59.1 moderate 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2019/suse-su-201913937-1/ https://www.suse.com/security/cve/CVE-2017-7273.html CVE-2017-7273 https://bugzilla.suse.com/1031240 SUSE Bug 1031240 Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits access to a physical page after it has been released back to the page allocator and reused. This is fixed in the following kernel versions: 4.9.135, 4.14.78, 4.18.16, 4.19. CVE-2018-18281 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-source-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-syms-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-man-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.59.1 moderate 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2019/suse-su-201913937-1/ https://www.suse.com/security/cve/CVE-2018-18281.html CVE-2018-18281 https://bugzilla.suse.com/1113769 SUSE Bug 1113769 drivers/tty/n_tty.c in the Linux kernel before 4.14.11 allows local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ. CVE-2018-18386 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-source-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-syms-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-man-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.59.1 moderate 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2019/suse-su-201913937-1/ https://www.suse.com/security/cve/CVE-2018-18386.html CVE-2018-18386 https://bugzilla.suse.com/1094825 SUSE Bug 1094825 https://bugzilla.suse.com/1112039 SUSE Bug 1112039 An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658. CVE-2018-18710 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-source-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-syms-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-man-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.59.1 moderate 2.1 AV:L/AC:L/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2019/suse-su-201913937-1/ https://www.suse.com/security/cve/CVE-2018-18710.html CVE-2018-18710 https://bugzilla.suse.com/1113751 SUSE Bug 1113751 The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized. CVE-2018-19407 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-source-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-syms-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-man-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.59.1 low 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2019/suse-su-201913937-1/ https://www.suse.com/security/cve/CVE-2018-19407.html CVE-2018-19407 https://bugzilla.suse.com/1116841 SUSE Bug 1116841 In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c. CVE-2018-19824 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-source-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-syms-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-man-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.59.1 moderate 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2019/suse-su-201913937-1/ https://www.suse.com/security/cve/CVE-2018-19824.html CVE-2018-19824 https://bugzilla.suse.com/1118152 SUSE Bug 1118152 The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitrary read in the kernel address space. CVE-2018-19985 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-source-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-syms-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-man-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.59.1 moderate 2.1 AV:L/AC:L/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2019/suse-su-201913937-1/ https://www.suse.com/security/cve/CVE-2018-19985.html CVE-2018-19985 https://bugzilla.suse.com/1120743 SUSE Bug 1120743 An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c. CVE-2018-20169 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-source-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-syms-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-man-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.59.1 moderate 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2019/suse-su-201913937-1/ https://www.suse.com/security/cve/CVE-2018-20169.html CVE-2018-20169 https://bugzilla.suse.com/1119714 SUSE Bug 1119714 In hid_debug_events_read of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-71361580. CVE-2018-9516 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-source-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-syms-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-man-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.59.1 low 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2019/suse-su-201913937-1/ https://www.suse.com/security/cve/CVE-2018-9516.html CVE-2018-9516 https://bugzilla.suse.com/1108498 SUSE Bug 1108498 https://bugzilla.suse.com/1123161 SUSE Bug 1123161 In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-113509306. References: Upstream kernel. CVE-2018-9568 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-source-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-syms-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-man-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.59.1 SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.59.1 moderate 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2019/suse-su-201913937-1/ https://www.suse.com/security/cve/CVE-2018-9568.html CVE-2018-9568 https://bugzilla.suse.com/1118319 SUSE Bug 1118319 https://bugzilla.suse.com/1118320 SUSE Bug 1118320