SUSE-SU-2016:2074-1

See a problem?
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2016:2074-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2016:2074-1
Related
Published
2016-08-15T10:48:57Z
Modified
2016-08-15T10:48:57Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 11 SP2 kernel was updated to receive various security and bug fixes.

The following security bugs were fixed: - CVE-2016-4486: Fixed 4 byte information leak in net/core/rtnetlink.c (bsc#978822). - CVE-2016-3134: The netfilter subsystem in the Linux kernel did not validate certain offset fields, which allowed local users to gain privileges or cause a denial of service (heap memory corruption) via an IPTSOSETREPLACE setsockopt call (bnc#971126). - CVE-2016-2847: fs/pipe.c in the Linux kernel did not limit the amount of unread data in pipes, which allowed local users to cause a denial of service (memory consumption) by creating many pipes with non-default sizes (bnc#970948). - CVE-2016-2188: The iowarriorprobe function in drivers/usb/misc/iowarrior.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#970956). - CVE-2016-3138: The acmprobe function in drivers/usb/class/cdc-acm.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both a control and a data endpoint descriptor (bnc#970911). - CVE-2016-3137: drivers/usb/serial/cypressm8.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both an interrupt-in and an interrupt-out endpoint descriptor, related to the cypressgenericportprobe and cypressopen functions (bnc#970970). - CVE-2016-3140: The digiportinit function in drivers/usb/serial/digiacceleport.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#970892). - CVE-2016-2186: The powermateprobe function in drivers/input/misc/powermate.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#970958). - CVE-2016-2185: The atiremote2probe function in drivers/input/misc/atiremote2.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#971124). - CVE-2016-3156: The IPv4 implementation in the Linux kernel mishandles destruction of device objects, which allowed guest OS users to cause a denial of service (host OS networking outage) by arranging for a large number of IP addresses (bnc#971360). - CVE-2016-2184: The createfixedstreamquirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference or double free, and system crash) via a crafted endpoints value in a USB device descriptor (bnc#971125). - CVE-2016-3139: The wacomprobe function in drivers/input/tablet/wacomsys.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#970909). - CVE-2016-2143: The fork implementation in the Linux kernel on s390 platforms mishandled the case of four page-table levels, which allowed local users to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted application, related to arch/s390/include/asm/mmucontext.h and arch/s390/include/asm/pgalloc.h (bnc#970504). - CVE-2016-2782: The treoattach function in drivers/usb/serial/visor.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a (1) bulk-in or (2) interrupt-in endpoint (bnc#968670). - CVE-2015-8816: The hubactivate function in drivers/usb/core/hub.c in the Linux kernel did not properly maintain a hub-interface data structure, which allowed physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device (bnc#968010). - CVE-2015-7566: The clie5attach function in drivers/usb/serial/visor.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a bulk-out endpoint (bnc#961512). - CVE-2016-2549: sound/core/hrtimer.c in the Linux kernel did not prevent recursive callback access, which allowed local users to cause a denial of service (deadlock) via a crafted ioctl call (bnc#968013). - CVE-2016-2547: sound/core/timer.c in the Linux kernel employed a locking approach that did not consider slave timer instances, which allowed local users to cause a denial of service (race condition, use-after-free, and system crash) via a crafted ioctl call (bnc#968011). - CVE-2016-2548: sound/core/timer.c in the Linux kernel retained certain linked lists after a close or stop action, which allowed local users to cause a denial of service (system crash) via a crafted ioctl call, related to the (1) sndtimerclose and (2) _sndtimerstop functions (bnc#968012). - CVE-2016-2546: sound/core/timer.c in the Linux kernel used an incorrect type of mutex, which allowed local users to cause a denial of service (race condition, use-after-free, and system crash) via a crafted ioctl call (bnc#967975). - CVE-2016-2545: The sndtimerinterrupt function in sound/core/timer.c in the Linux kernel did not properly maintain a certain linked list, which allowed local users to cause a denial of service (race condition and system crash) via a crafted ioctl call (bnc#967974). - CVE-2016-2544: Race condition in the queuedelete function in sound/core/seq/seqqueue.c in the Linux kernel allowed local users to cause a denial of service (use-after-free and system crash) by making an ioctl call at a certain time (bnc#967973). - CVE-2016-2543: The sndseqioctlremoveevents function in sound/core/seq/seqclientmgr.c in the Linux kernel did not verify FIFO assignment before proceeding with FIFO clearing, which allowed local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted ioctl call (bnc#967972). - CVE-2016-2384: Double free vulnerability in the sndusbmidicreate function in sound/usb/midi.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (panic) or possibly have unspecified other impact via vectors involving an invalid USB descriptor (bnc#966693). - CVE-2015-8812: drivers/infiniband/hw/cxgb3/iwchcm.c in the Linux kernel did not properly identify error conditions, which allowed remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted packets (bnc#966437). - CVE-2015-8785: The fusefillwritepages function in fs/fuse/file.c in the Linux kernel allowed local users to cause a denial of service (infinite loop) via a writev system call that triggers a zero length for the first segment of an iov (bnc#963765). - CVE-2016-2069: Race condition in arch/x86/mm/tlb.c in the Linux kernel .4.1 allowed local users to gain privileges by triggering access to a paging structure by a different CPU (bnc#963767). - CVE-2016-0723: Race condition in the ttyioctl function in drivers/tty/ttyio.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free and system crash) by making a TIOCGETD ioctl call during processing of a TIOCSETD ioctl call (bnc#961500). - CVE-2013-7446: Use-after-free vulnerability in net/unix/afunix.c in the Linux kernel allowed local users to bypass intended AFUNIX socket permissions or cause a denial of service (panic) via crafted epollctl calls (bnc#955654). - CVE-2015-8767: net/sctp/smsideeffect.c in the Linux kernel did not properly manage the relationship between a lock and a socket, which allowed local users to cause a denial of service (deadlock) via a crafted sctpaccept call (bnc#961509). - CVE-2015-7515: The aiptekprobe function in drivers/input/tablet/aiptek.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted USB device that lacks endpoints (bnc#956708). - CVE-2015-8215: net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel did not validate attempted changes to the MTU value, which allowed context-dependent attackers to cause a denial of service (packet loss) via a value that is (1) smaller than the minimum compliant value or (2) larger than the MTU of an interface, as demonstrated by a Router Advertisement (RA) message that is not validated by a daemon, a different vulnerability than CVE-2015-0272 (bnc#955354). - CVE-2015-7550: The keyctlreadkey function in security/keys/keyctl.c in the Linux kernel did not properly use a semaphore, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted application that leverages a race condition between keyctlrevoke and keyctlread calls (bnc#958951). - CVE-2015-8569: The (1) pptpbind and (2) pptpconnect functions in drivers/net/ppp/pptp.c in the Linux kernel did not verify an address length, which allowed local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application (bnc#959190). - CVE-2015-8575: The scosockbind function in net/bluetooth/sco.c in the Linux kernel did not verify an address length, which allowed local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application (bnc#959399). - CVE-2015-8543: The networking implementation in the Linux kernel did not validate protocol identifiers for certain protocol families, which allowed local users to cause a denial of service (NULL function pointer dereference and system crash) or possibly gain privileges by leveraging CLONENEWUSER support to execute a crafted SOCKRAW application (bnc#958886). - CVE-2015-8539: The KEYS subsystem in the Linux kernel allowed local users to gain privileges or cause a denial of service (BUG) via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and security/keys/userdefined.c (bnc#958463). - CVE-2015-7509: fs/ext4/namei.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (system crash) via a crafted no-journal filesystem, a related issue to CVE-2013-2015 (bnc#956709). - CVE-2015-7799: The slhcinit function in drivers/net/slip/slhc.c in the Linux kernel did not ensure that certain slot numbers are valid, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call (bnc#949936). - CVE-2015-8104: The KVM subsystem in the Linux kernel allowed guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c (bnc#954404). - CVE-2015-5307: The KVM subsystem in the Linux kernel allowed guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c (bnc#953527). - CVE-2015-7990: Race condition in the rdssendmsg function in net/rds/sendmsg.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound (bnc#952384). - CVE-2015-7872: The keygcunusedkeys function in security/keys/gc.c in the Linux kernel allowed local users to cause a denial of service (OOPS) via crafted keyctl commands (bnc#951440). - CVE-2015-6937: The _rdsconncreate function in net/rds/connection.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound (bnc#945825). - CVE-2015-6252: The vhostdevioctl function in drivers/vhost/vhost.c in the Linux kernel allowed local users to cause a denial of service (memory consumption) via a VHOSTSETLOGFD ioctl call that triggers permanent file-descriptor allocation (bnc#942367). - CVE-2015-3339: Race condition in the prepare_binprm function in fs/exec.c in the Linux kernel allowed local users to gain privileges by executing a setuid program at a time instant when a chown to root is in progress, and the ownership is changed but the setuid bit is not yet stripped (bnc#928130).

The following non-security bugs were fixed: - Fix handling of re-write-before-commit for mmapped NFS pages (bsc#964201). - Fix lpfcsendrscnevent allocation size claims bnc#935757 - Fix ntpd clock synchronization in Xen PV domains (bnc#816446). - Fix vmallocfault oops during lazy MMU updates (bsc#948562). - Make sure XPRTCONNECTING gets cleared when needed (bsc#946309). - SCSI: bfa: Fix to handle firmware tskim abort request response (bsc#972510). - USB: usbip: fix potential out-of-bounds write (bnc#975945). - afunix: Guard against other == sk in unixdgramsendmsg (bsc#973570). - dm-snap: avoid deadock on s->lock when a read is split (bsc#939826). - mm/hugetlb: check for pte NULL pointer in _pagecheckaddress() (bsc#977847). - nfconntrack: fix bsc#758540 kabi fix (bsc#946117). - privcmd: allow preempting long running user-mode originating hypercalls (bnc#861093). - s390/cio: collect format 1 channel-path description data (bsc#966460, bsc#966662). - s390/cio: ensure consistent measurement state (bsc#966460, bsc#966662). - s390/cio: fix measurement characteristics memleak (bsc#966460, bsc#966662). - s390/cio: update measurement characteristics (bsc#966460, bsc#966662). - xfs: Fix lost direct IO write in the last block (bsc#949744).

References

Affected packages

SUSE:Linux Enterprise Server 11 SP2-LTSS / kernel-default

Package

Name
kernel-default
Purl
purl:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP2-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.0.101-0.7.40.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-default-base": "3.0.101-0.7.40.1",
            "kernel-default-man": "3.0.101-0.7.40.1",
            "kernel-ec2": "3.0.101-0.7.40.1",
            "kernel-default": "3.0.101-0.7.40.1",
            "kernel-source": "3.0.101-0.7.40.1",
            "kernel-pae-base": "3.0.101-0.7.40.1",
            "kernel-syms": "3.0.101-0.7.40.1",
            "kernel-trace": "3.0.101-0.7.40.1",
            "kernel-pae": "3.0.101-0.7.40.1",
            "kernel-trace-devel": "3.0.101-0.7.40.1",
            "kernel-ec2-devel": "3.0.101-0.7.40.1",
            "kernel-ec2-base": "3.0.101-0.7.40.1",
            "kernel-xen-devel": "3.0.101-0.7.40.1",
            "kernel-xen-base": "3.0.101-0.7.40.1",
            "kernel-trace-base": "3.0.101-0.7.40.1",
            "kernel-default-devel": "3.0.101-0.7.40.1",
            "kernel-pae-devel": "3.0.101-0.7.40.1",
            "kernel-xen": "3.0.101-0.7.40.1"
        }
    ]
}

SUSE:Linux Enterprise Server 11 SP2-LTSS / kernel-ec2

Package

Name
kernel-ec2
Purl
purl:rpm/suse/kernel-ec2&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP2-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.0.101-0.7.40.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-default-base": "3.0.101-0.7.40.1",
            "kernel-default-man": "3.0.101-0.7.40.1",
            "kernel-ec2": "3.0.101-0.7.40.1",
            "kernel-default": "3.0.101-0.7.40.1",
            "kernel-source": "3.0.101-0.7.40.1",
            "kernel-pae-base": "3.0.101-0.7.40.1",
            "kernel-syms": "3.0.101-0.7.40.1",
            "kernel-trace": "3.0.101-0.7.40.1",
            "kernel-pae": "3.0.101-0.7.40.1",
            "kernel-trace-devel": "3.0.101-0.7.40.1",
            "kernel-ec2-devel": "3.0.101-0.7.40.1",
            "kernel-ec2-base": "3.0.101-0.7.40.1",
            "kernel-xen-devel": "3.0.101-0.7.40.1",
            "kernel-xen-base": "3.0.101-0.7.40.1",
            "kernel-trace-base": "3.0.101-0.7.40.1",
            "kernel-default-devel": "3.0.101-0.7.40.1",
            "kernel-pae-devel": "3.0.101-0.7.40.1",
            "kernel-xen": "3.0.101-0.7.40.1"
        }
    ]
}

SUSE:Linux Enterprise Server 11 SP2-LTSS / kernel-pae

Package

Name
kernel-pae
Purl
purl:rpm/suse/kernel-pae&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP2-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.0.101-0.7.40.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-default-base": "3.0.101-0.7.40.1",
            "kernel-default-man": "3.0.101-0.7.40.1",
            "kernel-ec2": "3.0.101-0.7.40.1",
            "kernel-default": "3.0.101-0.7.40.1",
            "kernel-source": "3.0.101-0.7.40.1",
            "kernel-pae-base": "3.0.101-0.7.40.1",
            "kernel-syms": "3.0.101-0.7.40.1",
            "kernel-trace": "3.0.101-0.7.40.1",
            "kernel-pae": "3.0.101-0.7.40.1",
            "kernel-trace-devel": "3.0.101-0.7.40.1",
            "kernel-ec2-devel": "3.0.101-0.7.40.1",
            "kernel-ec2-base": "3.0.101-0.7.40.1",
            "kernel-xen-devel": "3.0.101-0.7.40.1",
            "kernel-xen-base": "3.0.101-0.7.40.1",
            "kernel-trace-base": "3.0.101-0.7.40.1",
            "kernel-default-devel": "3.0.101-0.7.40.1",
            "kernel-pae-devel": "3.0.101-0.7.40.1",
            "kernel-xen": "3.0.101-0.7.40.1"
        }
    ]
}

SUSE:Linux Enterprise Server 11 SP2-LTSS / kernel-source

Package

Name
kernel-source
Purl
purl:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP2-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.0.101-0.7.40.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-default-base": "3.0.101-0.7.40.1",
            "kernel-default-man": "3.0.101-0.7.40.1",
            "kernel-ec2": "3.0.101-0.7.40.1",
            "kernel-default": "3.0.101-0.7.40.1",
            "kernel-source": "3.0.101-0.7.40.1",
            "kernel-pae-base": "3.0.101-0.7.40.1",
            "kernel-syms": "3.0.101-0.7.40.1",
            "kernel-trace": "3.0.101-0.7.40.1",
            "kernel-pae": "3.0.101-0.7.40.1",
            "kernel-trace-devel": "3.0.101-0.7.40.1",
            "kernel-ec2-devel": "3.0.101-0.7.40.1",
            "kernel-ec2-base": "3.0.101-0.7.40.1",
            "kernel-xen-devel": "3.0.101-0.7.40.1",
            "kernel-xen-base": "3.0.101-0.7.40.1",
            "kernel-trace-base": "3.0.101-0.7.40.1",
            "kernel-default-devel": "3.0.101-0.7.40.1",
            "kernel-pae-devel": "3.0.101-0.7.40.1",
            "kernel-xen": "3.0.101-0.7.40.1"
        }
    ]
}

SUSE:Linux Enterprise Server 11 SP2-LTSS / kernel-syms

Package

Name
kernel-syms
Purl
purl:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP2-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.0.101-0.7.40.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-default-base": "3.0.101-0.7.40.1",
            "kernel-default-man": "3.0.101-0.7.40.1",
            "kernel-ec2": "3.0.101-0.7.40.1",
            "kernel-default": "3.0.101-0.7.40.1",
            "kernel-source": "3.0.101-0.7.40.1",
            "kernel-pae-base": "3.0.101-0.7.40.1",
            "kernel-syms": "3.0.101-0.7.40.1",
            "kernel-trace": "3.0.101-0.7.40.1",
            "kernel-pae": "3.0.101-0.7.40.1",
            "kernel-trace-devel": "3.0.101-0.7.40.1",
            "kernel-ec2-devel": "3.0.101-0.7.40.1",
            "kernel-ec2-base": "3.0.101-0.7.40.1",
            "kernel-xen-devel": "3.0.101-0.7.40.1",
            "kernel-xen-base": "3.0.101-0.7.40.1",
            "kernel-trace-base": "3.0.101-0.7.40.1",
            "kernel-default-devel": "3.0.101-0.7.40.1",
            "kernel-pae-devel": "3.0.101-0.7.40.1",
            "kernel-xen": "3.0.101-0.7.40.1"
        }
    ]
}

SUSE:Linux Enterprise Server 11 SP2-LTSS / kernel-trace

Package

Name
kernel-trace
Purl
purl:rpm/suse/kernel-trace&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP2-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.0.101-0.7.40.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-default-base": "3.0.101-0.7.40.1",
            "kernel-default-man": "3.0.101-0.7.40.1",
            "kernel-ec2": "3.0.101-0.7.40.1",
            "kernel-default": "3.0.101-0.7.40.1",
            "kernel-source": "3.0.101-0.7.40.1",
            "kernel-pae-base": "3.0.101-0.7.40.1",
            "kernel-syms": "3.0.101-0.7.40.1",
            "kernel-trace": "3.0.101-0.7.40.1",
            "kernel-pae": "3.0.101-0.7.40.1",
            "kernel-trace-devel": "3.0.101-0.7.40.1",
            "kernel-ec2-devel": "3.0.101-0.7.40.1",
            "kernel-ec2-base": "3.0.101-0.7.40.1",
            "kernel-xen-devel": "3.0.101-0.7.40.1",
            "kernel-xen-base": "3.0.101-0.7.40.1",
            "kernel-trace-base": "3.0.101-0.7.40.1",
            "kernel-default-devel": "3.0.101-0.7.40.1",
            "kernel-pae-devel": "3.0.101-0.7.40.1",
            "kernel-xen": "3.0.101-0.7.40.1"
        }
    ]
}

SUSE:Linux Enterprise Server 11 SP2-LTSS / kernel-xen

Package

Name
kernel-xen
Purl
purl:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP2-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.0.101-0.7.40.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-default-base": "3.0.101-0.7.40.1",
            "kernel-default-man": "3.0.101-0.7.40.1",
            "kernel-ec2": "3.0.101-0.7.40.1",
            "kernel-default": "3.0.101-0.7.40.1",
            "kernel-source": "3.0.101-0.7.40.1",
            "kernel-pae-base": "3.0.101-0.7.40.1",
            "kernel-syms": "3.0.101-0.7.40.1",
            "kernel-trace": "3.0.101-0.7.40.1",
            "kernel-pae": "3.0.101-0.7.40.1",
            "kernel-trace-devel": "3.0.101-0.7.40.1",
            "kernel-ec2-devel": "3.0.101-0.7.40.1",
            "kernel-ec2-base": "3.0.101-0.7.40.1",
            "kernel-xen-devel": "3.0.101-0.7.40.1",
            "kernel-xen-base": "3.0.101-0.7.40.1",
            "kernel-trace-base": "3.0.101-0.7.40.1",
            "kernel-default-devel": "3.0.101-0.7.40.1",
            "kernel-pae-devel": "3.0.101-0.7.40.1",
            "kernel-xen": "3.0.101-0.7.40.1"
        }
    ]
}