SUSE-SU-2020:1255-1

See a problem?

Import Source

https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2020:1255-1.json

JSON Data

https://api.osv.dev/v1/vulns/SUSE-SU-2020:1255-1

Related

CVE-2017-18255
CVE-2018-12126
CVE-2018-12127
CVE-2018-12130
CVE-2018-21008
CVE-2019-11091
CVE-2019-14615
CVE-2019-14895
CVE-2019-14896
CVE-2019-14897
CVE-2019-14901
CVE-2019-15213
CVE-2019-18660
CVE-2019-18675
CVE-2019-18683
CVE-2019-19052
CVE-2019-19062
CVE-2019-19066
CVE-2019-19073
CVE-2019-19074
CVE-2019-19319
CVE-2019-19332
CVE-2019-19447
CVE-2019-19523
CVE-2019-19524
CVE-2019-19525
CVE-2019-19527
CVE-2019-19530
CVE-2019-19531
CVE-2019-19532
CVE-2019-19533
CVE-2019-19534
CVE-2019-19535
CVE-2019-19536
CVE-2019-19537
CVE-2019-19767
CVE-2019-19768
CVE-2019-19965
CVE-2019-19966
CVE-2019-20054
CVE-2019-20096
CVE-2019-3701
CVE-2019-5108
CVE-2019-9455
CVE-2019-9458
CVE-2020-10690
CVE-2020-10720
CVE-2020-10942
CVE-2020-11494
CVE-2020-11608
CVE-2020-11609
CVE-2020-2732
CVE-2020-8647
CVE-2020-8648
CVE-2020-8649
CVE-2020-8992
CVE-2020-9383

Published

2020-05-26T14:11:09Z

Modified

2020-05-26T14:11:09Z

Summary

Security update for the Linux Kernel

Details

The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

CVE-2020-11494: An issue was discovered in slcbump in drivers/net/can/slcan.c, which allowed attackers to read uninitialized canframe data, potentially containing sensitive information from kernel stack memory, if the configuration lacks CONFIGINITSTACK_ALL (bnc#1168424).
CVE-2020-10942: In getrawsocket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls (bnc#1167629).
CVE-2020-8647: Fixed a use-after-free vulnerability in the vcdoresize function in drivers/tty/vt/vt.c (bnc#1162929).
CVE-2020-8649: Fixed a use-after-free vulnerability in the vgaconinvertregion function in drivers/video/console/vgacon.c (bnc#1162931).
CVE-2020-9383: Fixed an issue in setfdc in drivers/block/floppy.c, which leads to a waittil_ready out-of-bounds read (bnc#1165111).
CVE-2019-9458: In the video driver there was a use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed (bnc#1168295).
CVE-2019-3701: Fixed an issue in cancangw_rcv, which could cause a system crash (bnc#1120386).
CVE-2019-19768: Fixed a use-after-free in the _blkadd_trace function in kernel/trace/blktrace.c (bnc#1159285).
CVE-2020-11609: Fixed a NULL pointer dereference in the stv06xx subsystem caused by mishandling invalid descriptors (bnc#1168854).
CVE-2020-10720: Fixed a use-after-free read in napigrofrags() (bsc#1170778).
CVE-2020-10690: Fixed the race between the release of ptp_clock and cdev (bsc#1170056).
CVE-2019-9455: Fixed a pointer leak due to a WARN_ON statement in a video driver. This could lead to local information disclosure with System execution privileges needed (bnc#1170345).
CVE-2020-11608: Fixed an issue in drivers/media/usb/gspca/ov519.c caused by a NULL pointer dereferences in ov511modeinitregs and ov518modeinitregs when there are zero endpoints (bnc#1168829).
CVE-2017-18255: The perfcputimemaxpercent_handler function in kernel/events/core.c allowed local users to cause a denial of service (integer overflow) or possibly have unspecified other impact via a large value, as demonstrated by an incorrect sample-rate calculation (bnc#1087813).
CVE-2020-8648: There was a use-after-free vulnerability in the nttyreceivebufcommon function in drivers/tty/n_tty.c (bnc#1162928).
CVE-2020-2732: A flaw was discovered in the way that the KVM hypervisor handled instruction emulation for an L2 guest when nested virtualisation is enabled. Under some circumstances, an L2 guest may trick the L0 guest into accessing sensitive L1 resources that should be inaccessible to the L2 guest (bnc#1163971).
CVE-2019-5108: Fixed a denial-of-service vulnerability caused by triggering AP to send IAPP location updates for stations before the required authentication process has completed (bnc#1159912).
CVE-2020-8992: ext4protectreservedinode in fs/ext4/blockvalidity.c allowed attackers to cause a denial of service (soft lockup) via a crafted journal size (bnc#1164069).
CVE-2018-21008: Fixed a use-after-free which could be caused by the function rsimac80211detach in the file drivers/net/wireless/rsi/rsi91xmac80211.c (bnc#1149591).
CVE-2019-14896: A heap-based buffer overflow vulnerability was found in Marvell WiFi chip driver. A remote attacker could cause a denial of service (system crash) or, possibly execute arbitrary code, when the lbsibssjoin_existing function is called after a STA connects to an AP (bnc#1157157).
CVE-2019-14897: A stack-based buffer overflow was found in Marvell WiFi chip driver. An attacker is able to cause a denial of service (system crash) or, possibly execute arbitrary code, when a STA works in IBSS mode (allows connecting stations together without the use of an AP) and connects to another STA (bnc#1157155).
CVE-2019-18675: Fixed an integer overflow in cpia2remapbuffer in drivers/media/usb/cpia2/cpia2_core.c because cpia2 has its own mmap implementation. This allowed local users (with /dev/video0 access) to obtain read and write permissions on kernel physical pages, which can possibly result in a privilege escalation (bnc#1157804).
CVE-2019-14615: Insufficient control flow in certain data structures for some Intel(R) Processors with Intel(R) Processor Graphics may have allowed an unauthenticated user to potentially enable information disclosure via local access (bnc#1160195, bsc#1165881).
CVE-2019-19965: Fixed a NULL pointer dereference in drivers/scsi/libsas/sas_discover.c because of mishandling of port disconnection during discovery, related to a PHY down race condition (bnc#1159911).
CVE-2019-20054: Fixed a NULL pointer dereference in dropsysctltable() in fs/proc/procsysctl.c, related to putlinks (bnc#1159910).
CVE-2019-20096: Fixed a memory leak in _featregister_sp() in net/dccp/feat.c, which may cause denial of service (bnc#1159908).
CVE-2019-19966: Fixed a use-after-free in cpia2exit() in drivers/media/usb/cpia2/cpia2v4l.c that will cause denial of service (bnc#1159841).
CVE-2019-19447: Fixed an issue with mounting a crafted ext4 filesystem image, performing some operations, and unmounting could lead to a use-after-free in ext4putsuper in fs/ext4/super.c, related to dumporphanlist in fs/ext4/super.c (bnc#1158819).
CVE-2019-19319: Fixed an issue with a setxattr operation, after a mount of a crafted ext4 image, can cause a slab-out-of-bounds write access because of an ext4xattrsetentry use-after-free in fs/ext4/xattr.c when a large oldsize value is used in a memset call (bnc#1158021).
CVE-2019-19767: Fixed mishandling of ext4expandextraisize, as demonstrated by use-after-free errors in _ext4expandextraisize and ext4xattrsetentry, related to fs/ext4/inode.c and fs/ext4/super.c (bnc#1159297).
CVE-2019-19066: Fixed memory leak in the bfadimgetstats() function in drivers/scsi/bfa/bfadattr.c that allowed attackers to cause a denial of service (memory consumption) by triggering bfaportget_stats() failures (bnc#1157303).
CVE-2019-19332: There was an OOB memory write via kvmdevioctlgetcpuid (bsc#1158827).
CVE-2019-19537: There was a race condition bug that could have been caused by a malicious USB device in the USB character device driver layer (bnc#1158904).
CVE-2019-19535: There was an info-leak bug that could have been caused by a malicious USB device in the drivers/net/can/usb/peakusb/pcanusb_fd.c driver (bnc#1158903).
CVE-2019-19527: There was a use-after-free bug that could have been caused by a malicious USB device in the drivers/hid/usbhid/hiddev.c driver (bnc#1158900).
CVE-2019-19533: There was an info-leak bug that could have been caused by a malicious USB device in the drivers/media/usb/ttusb-dec/ttusb_dec.c driver (bnc#1158834).
CVE-2019-19532: There were multiple out-of-bounds write bugs that could have been caused by a malicious USB device in the Linux kernel HID drivers (bnc#1158824).
CVE-2019-19523: There was a use-after-free bug that could have been caused by a malicious USB device in the drivers/usb/misc/adutux.c driver (bnc#1158823).
CVE-2019-15213: An issue was discovered in the Linux kernel, there was a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver (bnc#1146544).
CVE-2019-19531: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/yurex.c driver (bnc#1158445).
CVE-2019-19525: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/net/ieee802154/atusb.c driver (bnc#1158417).
CVE-2019-19530: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/class/cdc-acm.c driver (bnc#1158410).
CVE-2019-19536: There was an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peakusb/pcanusb_pro.c driver (bnc#1158394).
CVE-2019-19524: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/input/ff-memless.c driver (bnc#1158413).
CVE-2019-19534: There was an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peakusb/pcanusb_core.c driver (bnc#1158398).
CVE-2019-14901: A heap overflow flaw was found in the Linux kernel in Marvell WiFi chip driver. The vulnerability allowed a remote attacker to cause a system crash, resulting in a denial of service, or execute arbitrary code. The highest threat with this vulnerability is with the availability of the system. If code execution occurs, the code will run with the permissions of root. This will affect both confidentiality and integrity of files on the system (bnc#1157042).
CVE-2019-14895: Fixed a heap-based buffer overflow in the Marvell WiFi chip driver. The flaw could occur when the station attempts a connection negotiation during the handling of the remote devices country settings. This could allow the remote device to cause a denial of service (system crash) or possibly execute arbitrary code (bnc#1157158).
CVE-2019-18660: Fixed a information disclosure on powerpc related to the Spectre-RSB mitigation. This is related to arch/powerpc/kernel/entry_64.S and arch/powerpc/kernel/security.c (bnc#1157038 1157923).
CVE-2019-18683: Fixed a privilege escalation where local users have /dev/video0 access, but only if the driver happens to be loaded. There are multiple race conditions during streaming stopping in this driver (part of the V4L2 subsystem) (bnc#1155897).
CVE-2019-19062: Fixed a memory leak in the cryptoreport() function in crypto/cryptouserbase.c, which allowed attackers to cause a denial of service (memory consumption) by triggering cryptoreport_alg() failures (bnc#1157333).
CVE-2019-19052: A memory leak in the gscanopen() function in drivers/net/can/usb/gsusb.c allowed attackers to cause a denial of service (memory consumption) by triggering usbsubmit_urb() failures (bnc#1157324).
CVE-2019-19074: A memory leak in the ath9kwmicmd() function in drivers/net/wireless/ath/ath9k/wmi.c allowed attackers to cause a denial of service (memory consumption) (bnc#1157143).
CVE-2019-19073: Memory leaks in drivers/net/wireless/ath/ath9k/htchst.c allowed attackers to cause a denial of service (memory consumption) by triggering waitforcompletiontimeout() failures (bnc#1157070).
CVE-2019-11091,CVE-2018-12126,CVE-2018-12130,CVE-2018-12127: Earlier mitigations for the 'MDS' Microarchitectural Data Sampling attacks were not complete. An additional fix was added to the x86_64 fast systemcall path to further mitigate these attacks. (bsc#1164846 bsc#1170847)

The following non-security bugs were fixed:

blk: Fix kabi due to blktracemutex addition (bsc#1159285).
blktrace: fix dereference after null check (bsc#1159285).
blktrace: fix trace mutex deadlock (bsc#1159285).
btrfs: Fix bound checking in qgrouptracenewsubtreeblocks (bsc#1155311).
btrfs: qgroup: Check bg while resuming relocation to avoid NULL pointer dereference (bsc#1155311).
btrfs: qgroup: Cleanup old subtree swap code (bsc#1155311).
btrfs: qgroup: Do not trace subtree if we're dropping reloc tree (bsc#1155311).
btrfs: qgroup: Introduce function to find all new tree blocks of reloc tree (bsc#1155311).
btrfs: qgroup: Introduce function to trace two swaped extents (bsc#1155311).
btrfs: qgroup: Introduce per-root swapped blocks infrastructure (bsc#1155311).
btrfs: qgroup: Only trace data extents in leaves if we're relocating data block group (bsc#1155311).
btrfs: qgroup: Refactor btrfsqgrouptracesubtreeswap (bsc#1155311).
btrfs: qgroup: Use delayed subtree rescan for balance (bsc#1155311).
btrfs: qgroup: Use generation-aware subtree swap to mark dirty extents (bsc#1155311).
btrfs: reloc: Also queue orphan reloc tree for cleanup to avoid BUG_ON() (bsc#1155311).
btrfs: relocation: Delay reloc tree deletion after mergerelocroots (bsc#1155311).
btrfs: relocation: fix use-after-free on dead relocation roots (bsc#1155311).
btrfs: reloc: Fix NULL pointer dereference due to expanded reloc_root lifespan (bsc#1155311).
cgroup: avoid copying strings longer than the buffers (bsc#1146544).
cgroup: use strlcpy() instead of strscpy() to avoid spurious warning (bsc#1146544).
enic: prevent waking up stopped tx queues over watchdog reset (bsc#1133147).
ext4: fix use-after-free race with debugwantextra_isize (bsc#1136449).
fix PageHeadHuge() race with THP split (VM Functionality, bsc#1165311).
fs/binfmt_misc.c: do not allow offset overflow (bsc#1099279 bsc#1156060).
fs/xfs: fix f_ffree value for statfs when project quota is set (bsc#1165985).
futex: Use smpstorerelease() in markwakefutex() (bsc#1157464).
Input: add safety guards to inputsetkeycode() (bsc#1168075).
ipv4: correct gso_size for UFO (bsc#1154844).
ipv6: fix memory accounting during ipv6 queue expire (bsc#1162227) (bsc#1162227).
ipvlan: do not add hardware address of master to its unicast filter list (bsc#1137325).
media: ov519: add missing endpoint sanity checks (bsc#1168829).
media: stv06xx: add missing descriptor sanity checks (bsc#1168854).
netfilter: conntrack: sctp: use distinct states for new SCTP connections (bsc#1159199).
netfilter: nf_nat: do not bug when mapping already exists (bsc#1146612).
powerpc/64: Call setupbarriernospec() from setup_arch() (bsc#1131107).
powerpc/64: Make meltdown reporting Book3S 64 specific (bsc#1091041).
powerpc/64: Make stf barrier PPCBOOK3S64 specific (bsc#1131107).
powerpc/64s: Add new security feature flags for count cache flush (bsc#1131107).
powerpc/64s: Add support for software count cache flush (bsc#1131107).
powerpc/64s: support nospectre_v2 cmdline option (bsc#1131107).
powerpc/asm: Add a patch_site macro & helpers for patching instructions (bsc#1131107).
powerpc/fsl: Add nospectre_v2 command line argument (bsc#1131107).
powerpc/fsl: Fix spectre_v2 mitigations reporting (bsc#1131107).
powerpc/powernv: Query firmware for count cache flush settings (bsc#1131107).
powerpc/pseries: Query hypervisor for count cache flush settings (bsc#1131107).
powerpc/security/book3s64: Report L1TF status in sysfs (bsc#1091041).
powerpc/security: Fix spectre_v2 reporting (bsc#1131107).
powerpc/security: Fix wrong message when RFI Flush is disable (bsc#1131107).
powerpc/security: Show powerpcsecurityfeatures in debugfs (bsc#1131107).
route: set the deleted fnhe fnhedaddr to 0 in ipdel_fnhe to fix a race (bsc#1037216).
sched/fair: WARN() and refuse to set buddy when !se->on_rq (bsc#1158132).
string: drop _mustcheck from strscpy() and restore strscpy() usages in cgroup (bsc#1146544).
x86/alternatives: Add int3emulatecall() selftest (bsc#1153811).
x86/alternatives: Fix int3emulatecall() selftest stack corruption (bsc#1153811).
x86/mitigations: Clear CPU buffers on the SYSCALL fast path (bsc#1164846).
xen/pv: Fix a boot up hang revealed by int3 self test (bsc#1153811).
xfs: also remove cached ACLs when removing the underlying attr (bsc#1165873).
xfs: bulkstat should copy lastip whenever userspace supplies one (bsc#1165984).

References

Affected packages

SUSE:OpenStack Cloud 7 / kernel-default

Package

Name: kernel-default
Purl: purl:rpm/suse/kernel-default&distro=SUSE%20OpenStack%20Cloud%207

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.4.121-92.129.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.4.121-92.129.1",
            "kernel-devel": "4.4.121-92.129.1",
            "kernel-default-base": "4.4.121-92.129.1",
            "kgraft-patch-4_4_121-92_129-default": "1-3.3.1",
            "kernel-default-man": "4.4.121-92.129.1",
            "kernel-default": "4.4.121-92.129.1",
            "kernel-source": "4.4.121-92.129.1",
            "kernel-syms": "4.4.121-92.129.1",
            "kernel-default-devel": "4.4.121-92.129.1"
        }
    ]
}

SUSE:OpenStack Cloud 7 / kernel-source

Package

Name: kernel-source
Purl: purl:rpm/suse/kernel-source&distro=SUSE%20OpenStack%20Cloud%207

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.4.121-92.129.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.4.121-92.129.1",
            "kernel-devel": "4.4.121-92.129.1",
            "kernel-default-base": "4.4.121-92.129.1",
            "kgraft-patch-4_4_121-92_129-default": "1-3.3.1",
            "kernel-default-man": "4.4.121-92.129.1",
            "kernel-default": "4.4.121-92.129.1",
            "kernel-source": "4.4.121-92.129.1",
            "kernel-syms": "4.4.121-92.129.1",
            "kernel-default-devel": "4.4.121-92.129.1"
        }
    ]
}

SUSE:OpenStack Cloud 7 / kernel-syms

Package

Name: kernel-syms
Purl: purl:rpm/suse/kernel-syms&distro=SUSE%20OpenStack%20Cloud%207

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.4.121-92.129.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.4.121-92.129.1",
            "kernel-devel": "4.4.121-92.129.1",
            "kernel-default-base": "4.4.121-92.129.1",
            "kgraft-patch-4_4_121-92_129-default": "1-3.3.1",
            "kernel-default-man": "4.4.121-92.129.1",
            "kernel-default": "4.4.121-92.129.1",
            "kernel-source": "4.4.121-92.129.1",
            "kernel-syms": "4.4.121-92.129.1",
            "kernel-default-devel": "4.4.121-92.129.1"
        }
    ]
}

SUSE:OpenStack Cloud 7 / kgraft-patch-SLE12-SP2_Update_34

Package

Name: kgraft-patch-SLE12-SP2_Update_34
Purl: purl:rpm/suse/kgraft-patch-SLE12-SP2_Update_34&distro=SUSE%20OpenStack%20Cloud%207

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1-3.3.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.4.121-92.129.1",
            "kernel-devel": "4.4.121-92.129.1",
            "kernel-default-base": "4.4.121-92.129.1",
            "kgraft-patch-4_4_121-92_129-default": "1-3.3.1",
            "kernel-default-man": "4.4.121-92.129.1",
            "kernel-default": "4.4.121-92.129.1",
            "kernel-source": "4.4.121-92.129.1",
            "kernel-syms": "4.4.121-92.129.1",
            "kernel-default-devel": "4.4.121-92.129.1"
        }
    ]
}

SUSE:Linux Enterprise High Availability Extension 12 SP2 / kernel-default

Package

Name: kernel-default
Purl: purl:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2012%20SP2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.4.121-92.129.1

Ecosystem specific

{
    "binaries": [
        {
            "dlm-kmp-default": "4.4.121-92.129.1",
            "gfs2-kmp-default": "4.4.121-92.129.1",
            "cluster-network-kmp-default": "4.4.121-92.129.1",
            "ocfs2-kmp-default": "4.4.121-92.129.1",
            "cluster-md-kmp-default": "4.4.121-92.129.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP2 / kernel-default

Package

Name: kernel-default
Purl: purl:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.4.121-92.129.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.4.121-92.129.1",
            "kernel-devel": "4.4.121-92.129.1",
            "kernel-default-base": "4.4.121-92.129.1",
            "kgraft-patch-4_4_121-92_129-default": "1-3.3.1",
            "kernel-default": "4.4.121-92.129.1",
            "kernel-source": "4.4.121-92.129.1",
            "kernel-syms": "4.4.121-92.129.1",
            "kernel-default-devel": "4.4.121-92.129.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP2 / kernel-source

Package

Name: kernel-source
Purl: purl:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.4.121-92.129.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.4.121-92.129.1",
            "kernel-devel": "4.4.121-92.129.1",
            "kernel-default-base": "4.4.121-92.129.1",
            "kgraft-patch-4_4_121-92_129-default": "1-3.3.1",
            "kernel-default": "4.4.121-92.129.1",
            "kernel-source": "4.4.121-92.129.1",
            "kernel-syms": "4.4.121-92.129.1",
            "kernel-default-devel": "4.4.121-92.129.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP2 / kernel-syms

Package

Name: kernel-syms
Purl: purl:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.4.121-92.129.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.4.121-92.129.1",
            "kernel-devel": "4.4.121-92.129.1",
            "kernel-default-base": "4.4.121-92.129.1",
            "kgraft-patch-4_4_121-92_129-default": "1-3.3.1",
            "kernel-default": "4.4.121-92.129.1",
            "kernel-source": "4.4.121-92.129.1",
            "kernel-syms": "4.4.121-92.129.1",
            "kernel-default-devel": "4.4.121-92.129.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP2 / kgraft-patch-SLE12-SP2_Update_34

Package

Name: kgraft-patch-SLE12-SP2_Update_34
Purl: purl:rpm/suse/kgraft-patch-SLE12-SP2_Update_34&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1-3.3.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.4.121-92.129.1",
            "kernel-devel": "4.4.121-92.129.1",
            "kernel-default-base": "4.4.121-92.129.1",
            "kgraft-patch-4_4_121-92_129-default": "1-3.3.1",
            "kernel-default": "4.4.121-92.129.1",
            "kernel-source": "4.4.121-92.129.1",
            "kernel-syms": "4.4.121-92.129.1",
            "kernel-default-devel": "4.4.121-92.129.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP2-LTSS / kernel-default

Package

Name: kernel-default
Purl: purl:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.4.121-92.129.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.4.121-92.129.1",
            "kernel-devel": "4.4.121-92.129.1",
            "kernel-default-base": "4.4.121-92.129.1",
            "kgraft-patch-4_4_121-92_129-default": "1-3.3.1",
            "kernel-default-man": "4.4.121-92.129.1",
            "kernel-default": "4.4.121-92.129.1",
            "kernel-source": "4.4.121-92.129.1",
            "kernel-syms": "4.4.121-92.129.1",
            "kernel-default-devel": "4.4.121-92.129.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP2-LTSS / kernel-source

Package

Name: kernel-source
Purl: purl:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.4.121-92.129.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.4.121-92.129.1",
            "kernel-devel": "4.4.121-92.129.1",
            "kernel-default-base": "4.4.121-92.129.1",
            "kgraft-patch-4_4_121-92_129-default": "1-3.3.1",
            "kernel-default-man": "4.4.121-92.129.1",
            "kernel-default": "4.4.121-92.129.1",
            "kernel-source": "4.4.121-92.129.1",
            "kernel-syms": "4.4.121-92.129.1",
            "kernel-default-devel": "4.4.121-92.129.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP2-LTSS / kernel-syms

Package

Name: kernel-syms
Purl: purl:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.4.121-92.129.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.4.121-92.129.1",
            "kernel-devel": "4.4.121-92.129.1",
            "kernel-default-base": "4.4.121-92.129.1",
            "kgraft-patch-4_4_121-92_129-default": "1-3.3.1",
            "kernel-default-man": "4.4.121-92.129.1",
            "kernel-default": "4.4.121-92.129.1",
            "kernel-source": "4.4.121-92.129.1",
            "kernel-syms": "4.4.121-92.129.1",
            "kernel-default-devel": "4.4.121-92.129.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP2-LTSS / kgraft-patch-SLE12-SP2_Update_34

Package

Name: kgraft-patch-SLE12-SP2_Update_34
Purl: purl:rpm/suse/kgraft-patch-SLE12-SP2_Update_34&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1-3.3.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.4.121-92.129.1",
            "kernel-devel": "4.4.121-92.129.1",
            "kernel-default-base": "4.4.121-92.129.1",
            "kgraft-patch-4_4_121-92_129-default": "1-3.3.1",
            "kernel-default-man": "4.4.121-92.129.1",
            "kernel-default": "4.4.121-92.129.1",
            "kernel-source": "4.4.121-92.129.1",
            "kernel-syms": "4.4.121-92.129.1",
            "kernel-default-devel": "4.4.121-92.129.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP2-BCL / kernel-default

Package

Name: kernel-default
Purl: purl:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCL

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.4.121-92.129.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.4.121-92.129.1",
            "kernel-devel": "4.4.121-92.129.1",
            "kernel-default-base": "4.4.121-92.129.1",
            "kernel-default": "4.4.121-92.129.1",
            "kernel-source": "4.4.121-92.129.1",
            "kernel-syms": "4.4.121-92.129.1",
            "kernel-default-devel": "4.4.121-92.129.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP2-BCL / kernel-source

Package

Name: kernel-source
Purl: purl:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCL

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.4.121-92.129.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.4.121-92.129.1",
            "kernel-devel": "4.4.121-92.129.1",
            "kernel-default-base": "4.4.121-92.129.1",
            "kernel-default": "4.4.121-92.129.1",
            "kernel-source": "4.4.121-92.129.1",
            "kernel-syms": "4.4.121-92.129.1",
            "kernel-default-devel": "4.4.121-92.129.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP2-BCL / kernel-syms

Package

Name: kernel-syms
Purl: purl:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCL

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.4.121-92.129.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.4.121-92.129.1",
            "kernel-devel": "4.4.121-92.129.1",
            "kernel-default-base": "4.4.121-92.129.1",
            "kernel-default": "4.4.121-92.129.1",
            "kernel-source": "4.4.121-92.129.1",
            "kernel-syms": "4.4.121-92.129.1",
            "kernel-default-devel": "4.4.121-92.129.1"
        }
    ]
}