{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"important"},"category":"csaf_security_advisory","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"Security update for the Linux Kernel","title":"Title of the patch"},{"category":"description","text":"\n\nThe SUSE Linux Enterprise 12 SP3 Azure kernel was updated to 4.4.176 to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2019-2024: A use-after-free when disconnecting a source was fixed which could lead to crashes. bnc#1129179).\n- CVE-2019-9213: expand_downwards in mm/mmap.c lacked a check for the mmap minimum address, which made it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task (bnc#1128166).\n- CVE-2019-6974: kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandled reference counting because of a race condition, leading to a use-after-free. (bnc#1124728)\n- CVE-2019-3459, CVE-2019-3460: The Bluetooth stack suffered from two remote information leak vulnerabilities in the code that handles incoming L2cap configuration packets (bsc#1120758).\n- CVE-2019-7221: Fixed a use-after-free vulnerability in the KVM hypervisor related to the emulation of a preemption timer, allowing an guest user/process to crash the host kernel. (bsc#1124732).\n- CVE-2019-7222: Fixed an information leakage in the KVM hypervisor related to handling page fault exceptions, which allowed a guest user/process to use this flaw to leak the host's stack memory contents to a guest (bsc#1124735).\n- CVE-2017-18249: The add_free_nid function in fs/f2fs/node.c did not properly track an allocated nid, which allowed local users to cause a denial of service (race condition) or possibly have unspecified other impact via concurrent threads (bnc#1087036).\n\nThe following non-security bugs were fixed:\n\n- acpi/nfit: Block function zero DSMs (bsc#1123321).\n- acpi, nfit: Fix ARS overflow continuation (bsc#1125000).\n- acpi/nfit: fix cmd_rc for acpi_nfit_ctl to always return a value (bsc#1124775).\n- acpi/nfit: Fix command-supported detection (bsc#1123323).\n- acpi: power: Skip duplicate power resource references in _PRx (bnc#1012382).\n- acpi / processor: Fix the return value of acpi_processor_ids_walk() (git fixes (acpi)).\n- alpha: Fix Eiger NR_IRQS to 128 (bnc#1012382).\n- alpha: fix page fault handling for r16-r18 targets (bnc#1012382).\n- alsa: bebob: fix model-id of unit for Apogee Ensemble (bnc#1012382).\n- alsa: compress: Fix stop handling on compressed capture streams (bnc#1012382).\n- alsa: hda - Add quirk for HP EliteBook 840 G5 (bnc#1012382).\n- alsa: hda/realtek - Disable headset Mic VREF for headset mode of ALC225 (bnc#1012382).\n- alsa: hda - Serialize codec registrations (bnc#1012382).\n- alsa: usb-audio: Fix implicit fb endpoint setup by quirk (bnc#1012382).\n- ARC: perf: map generic branches to correct hardware condition (bnc#1012382).\n- arm64: Do not trap host pointer auth use to EL2 (bnc#1012382).\n- arm64: ftrace: do not adjust the LR value (bnc#1012382).\n- arm64: hyp-stub: Forbid kprobing of the hyp-stub (bnc#1012382).\n- arm64/kvm: consistently handle host HCR_EL2 flags (bnc#1012382).\n- arm64: KVM: Skip MMIO insn after emulation (bnc#1012382).\n- arm64: perf: set suppress_bind_attrs flag to true (bnc#1012382).\n- ARM: 8808/1: kexec:offline panic_smp_self_stop CPU (bnc#1012382).\n- ARM: cns3xxx: Fix writing to wrong PCI config registers after alignment (bnc#1012382).\n- ARM: dts: da850-evm: Correct the sound card name (bnc#1012382).\n- ARM: dts: Fix OMAP4430 SDP Ethernet startup (bnc#1012382).\n- ARM: dts: kirkwood: Fix polarity of GPIO fan lines (bnc#1012382).\n- ARM: dts: mmp2: fix TWSI2 (bnc#1012382).\n- ARM: iop32x/n2100: fix PCI IRQ mapping (bnc#1012382).\n- ARM: OMAP2+: hwmod: Fix some section annotations (bnc#1012382).\n- ARM: pxa: avoid section mismatch warning (bnc#1012382).\n- ASoC: atom: fix a missing check of snd_pcm_lib_malloc_pages (bnc#1012382).\n- ASoC: fsl: Fix SND_SOC_EUKREA_TLV320 build error on i.MX8M (bnc#1012382).\n- ASoC: Intel: mrfld: fix uninitialized variable access (bnc#1012382).\n- ata: Fix racy link clearance (bsc#1107866).\n- ax25: fix possible use-after-free (bnc#1012382).\n- batman-adv: Avoid WARN on net_device without parent in netns (bnc#1012382).\n- batman-adv: Force mac header to start of data on xmit (bnc#1012382).\n- block_dev: fix crash on chained bios with O_DIRECT (bsc#1090435).\n- block: do not use bio->bi_vcnt to figure out segment number (bsc#1128893).\n- block/loop: Use global lock for ioctl() operation (bnc#1012382).\n- block/swim3: Fix -EBUSY error when re-opening device after unmount (Git-fixes).\n- bluetooth: Fix unnecessary error message for HCI request completion (bnc#1012382).\n- bnxt_re: Fix couple of memory leaks that could lead to IOMMU call traces (bsc#1020413).\n- bnxt_re: Fix couple of memory leaks that could lead to IOMMU call traces (bsc#1020413).\n- bpf: fix replace_map_fd_with_map_ptr's ldimm64 second imm field (bsc#1012382).\n- btrfs: ensure that a DUP or RAID1 block group has exactly two stripes (bsc#1128452).\n- btrfs: tree-checker: Check level for leaves and nodes (bnc#1012382).\n- btrfs: tree-checker: Do not check max block group size as current max chunk size limit is unreliable (fixes for bnc#1012382 bsc#1102875 bsc#1102877 bsc#1102879 bsc#1102882 bsc#1102896).\n- btrfs: tree-checker: Fix misleading group system information (bnc#1012382).\n- btrfs: tree-check: reduce stack consumption in check_dir_item (bnc#1012382).\n- btrfs: validate type when reading a chunk (bnc#1012382).\n- btrfs: wait on ordered extents on abort cleanup (bnc#1012382).\n- can: bcm: check timer values before ktime conversion (bnc#1012382).\n- can: dev: __can_get_echo_skb(): fix bogous check for non-existing skb by removing it (bnc#1012382).\n- can: gw: ensure DLC boundaries after CAN frame modification (bnc#1012382).\n- ceph: avoid repeatedly adding inode to mdsc->snap_flush_list (bsc#1126773).\n- ceph: clear inode pointer when snap realm gets dropped by its inode (bsc#1125809).\n- ch: add missing mutex_lock()/mutex_unlock() in ch_release() (bsc#1124235).\n- char/mwave: fix potential Spectre v1 vulnerability (bnc#1012382).\n- ch: fixup refcounting imbalance for SCSI devices (bsc#1124235).\n- cifs: Always resolve hostname before reconnecting (bnc#1012382).\n- cifs: check ntwrk_buf_start for NULL before dereferencing it (bnc#1012382).\n- cifs: Do not count -ENODATA as failure for query directory (bnc#1012382).\n- cifs: Do not hide EINTR after sending network packets (bnc#1012382).\n- cifs: Fix possible hang during async MTU reads and writes (bnc#1012382).\n- cifs: Fix potential OOB access of lock element array (bnc#1012382).\n- cifs: Limit memory used by lock request calls to a page (bnc#1012382).\n- clk: imx6q: reset exclusive gates on init (bnc#1012382).\n- clk: imx6sl: ensure MMDC CH0 handshake is bypassed (bnc#1012382).\n- copy_mount_string: Limit string length to PATH_MAX (bsc#1082943).\n- cpufreq: intel_pstate: Fix HWP on boot CPU after system resume (bsc#1120017).\n- cpuidle: big.LITTLE: fix refcount leak (bnc#1012382).\n- crypto: authencesn - Avoid twice completion call in decrypt path (bnc#1012382).\n- crypto: authenc - fix parsing key with misaligned rta_len (bnc#1012382).\n- crypto: cts - fix crash on short inputs (bnc#1012382).\n- crypto: user - support incremental algorithm dumps (bsc#1120902).\n- crypto: ux500 - Use proper enum in cryp_set_dma_transfer (bnc#1012382).\n- crypto: ux500 - Use proper enum in hash_set_dma_transfer (bnc#1012382).\n- cw1200: Fix concurrency use-after-free bugs in cw1200_hw_scan() (bnc#1012382).\n- dccp: fool proof ccid_hc_[rt]x_parse_options() (bnc#1012382).\n- debugfs: fix debugfs_rename parameter checking (bnc#1012382).\n- device property: Fix the length used in PROPERTY_ENTRY_STRING() (bsc#1129770).\n- Disable MSI also when pcie-octeon.pcie_disable on (bnc#1012382).\n- dlm: Do not swamp the CPU with callbacks queued during recovery (bnc#1012382).\n- dmaengine: imx-dma: fix wrong callback invoke (bnc#1012382).\n- dm crypt: add cryptographic data integrity protection (authenticated encryption) (Git-fixes).\n- dm crypt: factor IV constructor out to separate function (Git-fixes).\n- dm crypt: fix crash by adding missing check for auth key size (git-fixes).\n- dm crypt: fix error return code in crypt_ctr() (git-fixes).\n- dm crypt: fix memory leak in crypt_ctr_cipher_old() (git-fixes).\n- dm crypt: introduce new format of cipher with 'capi:' prefix (Git-fixes).\n- dm crypt: wipe kernel key copy after IV initialization (Git-fixes).\n- dm: do not allow readahead to limit IO size (git fixes (readahead)).\n- dm kcopyd: Fix bug causing workqueue stalls (bnc#1012382).\n- dm snapshot: Fix excessive memory usage and workqueue stalls (bnc#1012382).\n- dm thin: fix bug where bio that overwrites thin block ignores FUA (bnc#1012382).\n- Documentation/network: reword kernel version reference (bnc#1012382).\n- drbd: Avoid Clang warning about pointless switch statment (bnc#1012382).\n- drbd: disconnect, if the wrong UUIDs are attached on a connected peer (bnc#1012382).\n- drbd: narrow rcu_read_lock in drbd_sync_handshake (bnc#1012382).\n- drbd: skip spurious timeout (ping-timeo) when failing promote (bnc#1012382).\n- drivers: core: Remove glue dirs from sysfs earlier (bnc#1012382).\n- Drivers: hv: vmbus: Check for ring when getting debug info (bsc#1126389).\n- drm/bufs: Fix Spectre v1 vulnerability (bnc#1012382).\n- drm: Fix error handling in drm_legacy_addctx (bsc#1106929)\n- drm/i915: Block fbdev HPD processing during suspend (bsc#1106929)\n- drm/i915: Prevent a race during I915_GEM_MMAP ioctl with WC set (bsc#1106929)\n- drm/modes: Prevent division by zero htotal (bnc#1012382).\n- drm/nouveau/bios/ramcfg: fix missing parentheses when calculating RON (bsc#1106929)\n- drm/nouveau/pmu: do not print reply values if exec is false (bsc#1106929)\n- drm/radeon/evergreen_cs: fix missing break in switch statement (bsc#1106929)\n- drm/vmwgfx: Do not double-free the mode stored in par->set_mode (bsc#1103429)\n- drm/vmwgfx: Fix setting of dma masks (bsc#1106929)\n- drm/vmwgfx: Return error code from vmw_execbuf_copy_fence_user (bsc#1106929)\n- e1000e: allow non-monotonic SYSTIM readings (bnc#1012382).\n- EDAC: Raise the maximum number of memory controllers (bsc#1120722).\n- efi/libstub/arm64: Use hidden attribute for struct screen_info reference (bsc#1122650).\n- enic: add wq clean up budget (bsc#1075697, bsc#1120691. bsc#1102959).\n- enic: do not overwrite error code (bnc#1012382).\n- enic: fix checksum validation for IPv6 (bnc#1012382).\n- exec: load_script: do not blindly truncate shebang string (bnc#1012382).\n- ext4: fix a potential fiemap/page fault deadlock w/ inline_data (bnc#1012382).\n- ext4: Fix crash during online resizing (bsc#1122779).\n- f2fs: Add sanity_check_inode() function (bnc#1012382).\n- f2fs: avoid unneeded loop in build_sit_entries (bnc#1012382).\n- f2fs: check blkaddr more accuratly before issue a bio (bnc#1012382).\n- f2fs: clean up argument of recover_data (bnc#1012382).\n- f2fs: clean up with is_valid_blkaddr() (bnc#1012382).\n- f2fs: detect wrong layout (bnc#1012382).\n- f2fs: enhance sanity_check_raw_super() to avoid potential overflow (bnc#1012382).\n- f2fs: factor out fsync inode entry operations (bnc#1012382).\n- f2fs: fix inode cache leak (bnc#1012382).\n- f2fs: fix invalid memory access (bnc#1012382).\n- f2fs: fix missing up_read (bnc#1012382).\n- f2fs: fix to avoid reading out encrypted data in page cache (bnc#1012382).\n- f2fs: fix to convert inline directory correctly (bnc#1012382).\n- f2fs: fix to determine start_cp_addr by sbi->cur_cp_pack (bnc#1012382).\n- f2fs: fix to do sanity check with block address in main area (bnc#1012382).\n- f2fs: fix to do sanity check with block address in main area v2 (bnc#1012382).\n- f2fs: fix to do sanity check with cp_pack_start_sum (bnc#1012382).\n- f2fs: fix to do sanity check with node footer and iblocks (bnc#1012382).\n- f2fs: fix to do sanity check with reserved blkaddr of inline inode (bnc#1012382).\n- f2fs: fix to do sanity check with secs_per_zone (bnc#1012382).\n- f2fs: fix to do sanity check with user_block_count (bnc#1012382).\n- f2fs: fix validation of the block count in sanity_check_raw_super (bnc#1012382).\n- f2fs: fix wrong return value of f2fs_acl_create (bnc#1012382).\n- f2fs: free meta pages if sanity check for ckpt is failed (bnc#1012382).\n- f2fs: give -EINVAL for norecovery and rw mount (bnc#1012382).\n- f2fs: introduce and spread verify_blkaddr (bnc#1012382).\n- f2fs: introduce get_checkpoint_version for cleanup (bnc#1012382).\n- f2fs: move dir data flush to write checkpoint process (bnc#1012382).\n- f2fs: move sanity checking of cp into get_valid_checkpoint (bnc#1012382).\n- f2fs: not allow to write illegal blkaddr (bnc#1012382).\n- f2fs: put directory inodes before checkpoint in roll-forward recovery (bnc#1012382).\n- f2fs: read page index before freeing (bnc#1012382).\n- f2fs: remove an obsolete variable (bnc#1012382).\n- f2fs: return error during fill_super (bnc#1012382).\n- f2fs: sanity check on sit entry (bnc#1012382).\n- f2fs: use crc and cp version to determine roll-forward recovery (bnc#1012382).\n- fbdev: chipsfb: remove set but not used variable 'size' (bsc#1106929)\n- Fix incorrect value for X86_FEATURE_TSX_FORCE_ABORT\n- Fix problem with sharetransport= and NFSv4 (bsc#1114893).\n- fs: add the fsnotify call to vfs_iter_write (bnc#1012382).\n- fs/dcache: Fix incorrect nr_dentry_unused accounting in shrink_dcache_sb() (bnc#1012382).\n- fs: do not scan the inode cache before SB_BORN is set (bnc#1012382).\n- fs/epoll: drop ovflist branch prediction (bnc#1012382).\n- fs: fix lost error code in dio_complete (bsc#1117744).\n- fuse: call pipe_buf_release() under pipe lock (bnc#1012382).\n- fuse: decrement NR_WRITEBACK_TEMP on the right page (bnc#1012382).\n- fuse: handle zero sized retrieve correctly (bnc#1012382).\n- futex: Fix (possible) missed wakeup (bsc#1050549).\n- gdrom: fix a memory leak bug (bnc#1012382).\n- gfs2: Revert 'Fix loop in gfs2_rbm_find' (bnc#1012382).\n- gpiolib: Fix return value of gpio_to_desc() stub if !GPIOLIB (Git-fixes).\n- gpio: pl061: handle failed allocations (bnc#1012382).\n- gpu: ipu-v3: Fix CSI offsets for imx53 (bsc#1106929)\n- gpu: ipu-v3: Fix i.MX51 CSI control registers offset (bsc#1106929)\n- HID: debug: fix the ring buffer implementation (bnc#1012382).\n- HID: lenovo: Add checks to fix of_led_classdev_register (bnc#1012382).\n- hwmon: (lm80) fix a missing check of bus read in lm80 probe (bnc#1012382).\n- hwmon: (lm80) fix a missing check of the status of SMBus read (bnc#1012382).\n- hwmon: (lm80) Fix missing unlock on error in set_fan_div() (git-fixes).\n- i2c-axxia: check for error conditions first (bnc#1012382).\n- i2c: dev: prevent adapter retries and timeout being set as minus value (bnc#1012382).\n- IB/core: type promotion bug in rdma_rw_init_one_mr() ().\n- ibmveth: Do not process frames after calling napi_reschedule (bcs#1123357).\n- ibmvnic: Add ethtool private flag for driver-defined queue limits (bsc#1121726).\n- ibmvnic: Increase maximum queue size limit (bsc#1121726).\n- ibmvnic: Introduce driver limits for ring sizes (bsc#1121726).\n- ibmvnic: Report actual backing device speed and duplex values (bsc#1129923).\n- ibmvscsi: Fix empty event pool access during host removal (bsc#1119019).\n- IB/rxe: Fix incorrect cache cleanup in error flow ().\n- IB/rxe: replace kvfree with vfree ().\n- igb: Fix an issue that PME is not enabled during runtime suspend (bnc#1012382).\n- inet: frags: add a pointer to struct netns_frags (bnc#1012382).\n- inet: frags: better deal with smp races (bnc#1012382).\n- inet: frags: break the 2GB limit for frags storage (bnc#1012382).\n- inet: frags: change inet_frags_init_net() return value (bnc#1012382).\n- inet: frags: do not clone skb in ip_expire() (bnc#1012382).\n- inet: frags: fix ip6frag_low_thresh boundary (bnc#1012382).\n- inet: frags: get rid of ipfrag_skb_cb/FRAG_CB (bnc#1012382).\n- inet: frags: get rif of inet_frag_evicting() (bnc#1012382).\n- inet: frags: refactor ipfrag_init() (bnc#1012382).\n- inet: frags: refactor ipv6_frag_init() (bnc#1012382).\n- inet: frags: refactor lowpan_net_frag_init() (bnc#1012382).\n- inet: frags: remove inet_frag_maybe_warn_overflow() (bnc#1012382).\n- inet: frags: remove some helpers (bnc#1012382).\n- inet: frags: reorganize struct netns_frags (bnc#1012382).\n- inet: frags: use rhashtables for reassembly units (bnc#1012382).\n- input: bma150 - register input device after setting private data (bnc#1012382).\n- input: elan_i2c - add ACPI ID for touchpad in Lenovo V330-15ISK (bnc#1012382).\n- input: elantech - enable 3rd button support on Fujitsu CELSIUS H780 (bnc#1012382).\n- input: mms114 - fix license module information (bsc#1087092).\n- input: xpad - add support for SteelSeries Stratus Duo (bnc#1012382).\n- intel_pstate: Update frequencies of policy->cpus only from ->set_policy() (bsc#1120017).\n- iommu/amd: Call free_iova_fast with pfn in map_sg (bsc#1106105).\n- iommu/amd: Fix IOMMU page flush when detach device from a domain (bsc#1106105).\n- iommu/amd: Unmap all mapped pages in error path of map_sg (bsc#1106105).\n- iommu/arm-smmu-v3: Use explicit mb() when moving cons pointer (bnc#1012382).\n- iommu/dmar: Fix buffer overflow during PCI bus notification (bsc#1129237).\n- iommu/io-pgtable-arm-v7s: Only kmemleak_ignore L2 tables (bsc#1129238).\n- iommu/vt-d: Check identity map for hot-added devices (bsc#1129239).\n- iommu/vt-d: Fix memory leak in intel_iommu_put_resv_regions() (bsc#1106105).\n- iommu/vt-d: Fix NULL pointer reference in intel_svm_bind_mm() (bsc#1129240).\n- ip: add helpers to process in-order fragments faster (bnc#1012382).\n- ipfrag: really prevent allocation on netns exit (bnc#1012382).\n- ip: frags: fix crash in ip_do_fragment() (bnc#1012382).\n- ipmi:ssif: Fix handling of multi-part return messages (bnc#1012382).\n- ip: on queued skb use skb_header_pointer instead of pskb_may_pull (bnc#1012382).\n- ip: process in-order fragments efficiently (bnc#1012382).\n- ip: use rb trees for IP frag queue (bnc#1012382).\n- ipv4: frags: precedence bug in ip_expire() (bnc#1012382).\n- ipv6: Consider sk_bound_dev_if when binding a socket to an address (bnc#1012382).\n- ipv6: Consider sk_bound_dev_if when binding a socket to a v4 mapped address (bnc#1012382).\n- ipv6: fix kernel-infoleak in ipv6_local_error() (bnc#1012382).\n- ipv6: frags: rewrite ip6_expire_frag_queue() (bnc#1012382).\n- ipv6: Take rcu_read_lock in __inet6_bind for mapped addresses (bnc#1012382).\n- irqchip/gic-v3-its: Align PCI Multi-MSI allocation on their size (bnc#1012382).\n- isdn: hisax: hfc_pci: Fix a possible concurrency use-after-free bug in HFCPCI_l1hw() (bnc#1012382).\n- ixgbe: fix crash in build_skb Rx code path (git-fixes).\n- jffs2: Fix use of uninitialized delayed_work, lockdep breakage (bnc#1012382).\n- kABI: protect linux/kfifo.h include in hid-debug (kabi).\n- kABI: protect struct hda_bus (kabi).\n- kABI: protect struct inet_peer (kabi).\n- kabi: reorder new slabinfo fields in struct kmem_cache_node (bnc#1116653).\n- kallsyms: Handle too long symbols in kallsyms.c (bsc#1126805).\n- kaweth: use skb_cow_head() to deal with cloned skbs (bnc#1012382).\n- kconfig: fix file name and line number of warn_ignored_character() (bnc#1012382).\n- kconfig: fix memory leak when EOF is encountered in quotation (bnc#1012382).\n- kernel/exit.c: release ptraced tasks before zap_pid_ns_processes (bnc#1012382).\n- kernel/hung_task.c: break RCU locks based on jiffies (bnc#1012382).\n- KMPs: obsolete older KMPs of the same flavour (bsc#1127155, bsc#1109137).\n- kvm: arm/arm64: vgic-its: Check CBASER/BASER validity before enabling the ITS (bsc#1109248).\n- kvm: arm/arm64: vgic-its: Check GITS_BASER Valid bit before saving tables (bsc#1109248).\n- kvm: arm/arm64: vgic-its: Fix return value for device table restore (bsc#1109248).\n- kvm: arm/arm64: vgic-its: Fix vgic_its_restore_collection_table returned value (bsc#1109248).\n- kvm: nVMX: Do not halt vcpu when L1 is injecting events to L2 (bsc#1129413).\n- kvm: nVMX: Free the VMREAD/VMWRITE bitmaps if alloc_kvm_area() fails (bsc#1129414).\n- kvm: nVMX: NMI-window and interrupt-window exiting should wake L2 from HLT (bsc#1129415).\n- kvm: nVMX: Set VM instruction error for VMPTRLD of unbacked page (bsc#1129416).\n- kvm: VMX: Do not allow reexecute_instruction() when skipping MMIO instr (bsc#1129417).\n- kvm: VMX: Fix x2apic check in vmx_msr_bitmap_mode() (bsc#1124166).\n- kvm: VMX: Missing part of upstream commit 904e14fb7cb9 (bsc#1124166).\n- kvm: vmx: Set IA32_TSC_AUX for legacy mode guests (bsc#1129418).\n- kvm: x86: Add AMD's EX_CFG to the list of ignored MSRs (bsc#1127082).\n- kvm: x86: Fix single-step debugging (bnc#1012382).\n- kvm: x86: IA32_ARCH_CAPABILITIES is always supported (bsc#1129419).\n- kvm: x86: svm: report MSR_IA32_MCG_EXT_CTL as unsupported (bnc#1012382).\n- l2tp: copy 4 more bytes to linear part if necessary (bnc#1012382).\n- l2tp: fix reading optional fields of L2TPv3 (bnc#1012382).\n- l2tp: remove l2specific_len dependency in l2tp_core (bnc#1012382).\n- libceph: avoid KEEPALIVE_PENDING races in ceph_con_keepalive() (bsc#1125810).\n- libceph: handle an empty authorize reply (bsc#1126772).\n- libnvdimm: fix ars_status output length calculation (bsc#1124777).\n- libnvdimm, pfn: Pad pfn namespaces relative to other regions (bsc#1124811).\n- libnvdimm: Use max contiguous area for namespace size (bsc#1124780).\n- locking/rwsem: Fix (possible) missed wakeup (bsc#1050549).\n- loop: Fix double mutex_unlock(&loop_ctl_mutex) in loop_control_ioctl() (bnc#1012382).\n- loop: Fold __loop_release into loop_release (bnc#1012382).\n- loop: Get rid of loop_index_mutex (bnc#1012382).\n- LSM: Check for NULL cred-security on free (bnc#1012382).\n- mac80211: ensure that mgmt tx skbs have tailroom for encryption (bnc#1012382).\n- mac80211: fix radiotap vendor presence bitmap handling (bnc#1012382).\n- md: batch flush requests (bsc#1119680).\n- mdio_bus: Fix use-after-free on device_register fails (git-fixes).\n- media: DaVinci-VPBE: fix error handling in vpbe_initialize() (bnc#1012382).\n- media: em28xx: Fix misplaced reset of dev->v4l::field_count (bnc#1012382).\n- media: firewire: Fix app_info parameter type in avc_ca{,_app}_info (bnc#1012382).\n- media: vb2: be sure to unlock mutex on errors (bnc#1012382).\n- media: vb2: vb2_mmap: move lock up (bnc#1012382).\n- media: vivid: fix error handling of kthread_run (bnc#1012382).\n- media: vivid: set min width/height to a value > 0 (bnc#1012382).\n- memstick: Prevent memstick host from getting runtime suspended during card detection (bnc#1012382).\n- mfd: as3722: Handle interrupts on suspend (bnc#1012382).\n- mfd: as3722: Mark PM functions as __maybe_unused (bnc#1012382).\n- mfd: tps6586x: Handle interrupts on suspend (bnc#1012382).\n- misc: vexpress: Off by one in vexpress_syscfg_exec() (bnc#1012382).\n- mISDN: fix a race in dev_expire_timer() (bnc#1012382).\n- mlxsw: pci: Correctly determine if descriptor queue is full (git-fixes).\n- mlxsw: reg: Use correct offset in field definiton (git-fixes).\n- mmc: atmel-mci: do not assume idle after atmci_request_end (bnc#1012382).\n- mmc: bcm2835: Fix DMA channel leak on probe error (bsc#1120902).\n- mmc: sdhci-iproc: handle mmc_of_parse() errors during probe (bnc#1012382).\n- mm, devm_memremap_pages: mark devm_memremap_pages() EXPORT_SYMBOL_GPL (bnc#1012382).\n- mm,memory_hotplug: fix scan_movable_pages() for gigantic hugepages (bsc#1127731).\n- mm: migrate: do not rely on __PageMovable() of newpage after unlocking it (bnc#1012382).\n- mm: only report isolation failures when offlining memory (generic hotplug debugability).\n- mm, oom: fix use-after-free in oom_kill_process (bnc#1012382).\n- mm, page_alloc: drop should_suppress_show_mem (bnc#1125892, bnc#1106061).\n- mm/page-writeback.c: do not break integrity writeback on ->writepage() error (bnc#1012382).\n- mm, proc: be more verbose about unstable VMA flags in /proc/<pid>/smaps (bnc#1012382).\n- mm, slab: faster active and free stats (bsc#116653, VM Performance).\n- mm/slab: improve performance of gathering slabinfo stats (bsc#116653, VM Performance).\n- mm, slab: maintain total slab count instead of active count (bsc#116653, VM Performance).\n- modpost: validate symbol names also in find_elf_symbol (bnc#1012382).\n- mtd: rawnand: gpmi: fix MX28 bus master lockup problem (bnc#1012382).\n- net: Add header for usage of fls64() (bnc#1012382).\n- net: bridge: fix a bug on using a neighbour cache entry without checking its state (bnc#1012382).\n- net: bridge: Fix ethernet header pointer before check skb forwardable (bnc#1012382).\n- net: call sk_dst_reset when set SO_DONTROUTE (bnc#1012382).\n- net: Do not allocate page fragments that are not skb aligned (bnc#1012382).\n- net: dp83640: expire old TX-skb (bnc#1012382).\n- net: dsa: bcm_sf2: Do not assume DSA master supports WoL (git-fixes).\n- net: dsa: mv88e6xxx: fix port VLAN maps (git-fixes).\n- net: dsa: slave: Do not propagate flag changes on down slave interfaces (bnc#1012382).\n- net: Fix for_each_netdev_feature on Big endian (bnc#1012382).\n- net: fix IPv6 prefix route residue (bnc#1012382).\n- net: fix pskb_trim_rcsum_slow() with odd trim offset (bnc#1012382).\n- net: Fix usage of pskb_trim_rcsum (bnc#1012382).\n- net/hamradio/6pack: Convert timers to use timer_setup() (git-fixes).\n- net/hamradio/6pack: use mod_timer() to rearm timers (git-fixes).\n- net: ieee802154: 6lowpan: fix frag reassembly (bnc#1012382).\n- net: ipv4: do not handle duplicate fragments as overlapping (bnc#1012382 bsc#1116345).\n- net: ipv4: Fix memory leak in network namespace dismantle (bnc#1012382).\n- net: ipv4: use a dedicated counter for icmp_v4 redirect packets (bnc#1012382).\n- net: lan78xx: Fix race in tx pending skb size calculation (git-fixes).\n- net/mlx4_core: Add masking for a few queries on HCA caps (bnc#1012382).\n- net/mlx4_core: drop useless LIST_HEAD (git-fixes).\n- net/mlx4_core: Fix qp mtt size calculation (git-fixes).\n- net/mlx4_core: Fix reset flow when in command polling mode (git-fixes).\n- net/mlx4: Fix endianness issue in qp context params (git-fixes).\n- net/mlx5: Continue driver initialization despite debugfs failure (git-fixes).\n- net/mlx5e: Fix TCP checksum in LRO buffers (git-fixes).\n- net/mlx5: Fix driver load bad flow when having fw initializing timeout (git-fixes).\n- net/mlx5: fix uaccess beyond 'count' in debugfs read/write handlers (git-fixes).\n- net/mlx5: Fix use-after-free in self-healing flow (git-fixes).\n- net/mlx5: Return success for PAGE_FAULT_RESUME in internal error state (git-fixes).\n- net: modify skb_rbtree_purge to return the truesize of all purged skbs (bnc#1012382).\n- net: mv643xx_eth: fix packet corruption with TSO and tiny unaligned packets (git-fixes).\n- net: phy: Avoid polling PHY with PHY_IGNORE_INTERRUPTS (git-fixes).\n- net: phy: bcm7xxx: Fix shadow mode 2 disabling (git-fixes).\n- net: pskb_trim_rcsum() and CHECKSUM_COMPLETE are friends (bnc#1012382).\n- net: qca_spi: Fix race condition in spi transfers (git-fixes).\n- netrom: switch to sock timer API (bnc#1012382).\n- net/rose: fix NULL ax25_cb kernel panic (bnc#1012382).\n- net_sched: refetch skb protocol for each filter (bnc#1012382).\n- net: speed up skb_rbtree_purge() (bnc#1012382).\n- net: stmmac: Fix a race in EEE enable callback (bnc#1012382).\n- net: stmmac: Fix a race in EEE enable callback (git-fixes).\n- net: systemport: Fix WoL with password after deep sleep (bnc#1012382).\n- net: thunderx: set tso_hdrs pointer to NULL in nicvf_free_snd_queue (git-fixes).\n- net/x25: do not hold the cpu too long in x25_new_lci() (bnc#1012382).\n- NFC: nxp-nci: Include unaligned.h instead of access_ok.h (bnc#1012382).\n- nfit: fix unchecked dereference in acpi_nfit_ctl (bsc#1125014).\n- nfsd4: fix crash on writing v4_end_grace before nfsd startup (bnc#1012382).\n- NFS: nfs_compare_mount_options always compare auth flavors (bnc#1012382).\n- niu: fix missing checks of niu_pci_eeprom_read (bnc#1012382).\n- ocfs2: do not clear bh uptodate for block read (bnc#1012382).\n- ocfs2: fix panic due to unrecovered local alloc (bnc#1012382).\n- omap2fb: Fix stack memory disclosure (bsc#1106929)\n- openvswitch: Avoid OOB read when parsing flow nlattrs (bnc#1012382).\n- packet: Do not leak dev refcounts on error exit (bnc#1012382).\n- pci: altera: Check link status before retrain link (bnc#1012382).\n- pci: altera: Fix altera_pcie_link_is_up() (bnc#1012382).\n- pci: altera: Move retrain from fixup to altera_pcie_host_init() (bnc#1012382).\n- pci: altera: Poll for link training status after retraining the link (bnc#1012382).\n- pci: altera: Poll for link up status after retraining the link (bnc#1012382).\n- pci: altera: Reorder read/write functions (bnc#1012382).\n- pci: altera: Rework config accessors for use without a struct pci_bus (bnc#1012382).\n- pci/PME: Fix hotplug/sysfs remove deadlock in pcie_pme_remove() (bsc#1129241).\n- perf/core: Do not WARN() for impossible ring-buffer sizes (bnc#1012382).\n- perf/core: Fix impossible ring-buffer sizes warning (bnc#1012382).\n- perf intel-pt: Fix error with config term 'pt=0' (bnc#1012382).\n- perf parse-events: Fix unchecked usage of strncpy() (bnc#1012382).\n- perf svghelper: Fix unchecked usage of strncpy() (bnc#1012382).\n- perf tests evsel-tp-sched: Fix bitwise operator (bnc#1012382).\n- perf tools: Add Hygon Dhyana support (bnc#1012382).\n- perf unwind: Take pgoff into account when reporting elf to libdwfl (bnc#1012382).\n- perf unwind: Unwind with libdw does not take symfs into account (bnc#1012382).\n- perf/x86: Add sysfs entry to freeze counters on SMI (bsc#1121805).\n- perf/x86/intel: Delay memory deallocation until x86_pmu_dead_cpu() (bsc#1121805).\n- perf/x86/intel: Do not enable freeze-on-smi for PerfMon V1 (bsc#1121805).\n- perf/x86/intel: Fix memory corruption (bsc#1121805).\n- perf/x86/intel: Generalize dynamic constraint creation (bsc#1121805).\n- perf/x86/intel: Implement support for TSX Force Abort (bsc#1121805).\n- perf/x86/intel: Make cpuc allocations consistent (bsc#1121805).\n- perf/x86/intel/uncore: Add Node ID mask (bnc#1012382).\n- phy: micrel: Ensure interrupts are reenabled on resume (git-fixes).\n- pinctrl: msm: fix gpio-hog related boot issues (bnc#1012382).\n- platform/x86: asus-nb-wmi: Drop mapping of 0x33 and 0x34 scan codes (bnc#1012382).\n- platform/x86: asus-nb-wmi: Map 0x35 to KEY_SCREENLOCK (bnc#1012382).\n- platform/x86: asus-wmi: Tell the EC the OS will handle the display off hotkey (bnc#1012382).\n- platform/x86: thinkpad_acpi: Proper model/release matching (bsc#1099810).\n- powerpc/cacheinfo: Report the correct shared_cpu_map on big-cores (bsc#1109695).\n- powerpc: Detect the presence of big-cores via 'ibm, thread-groups' (bsc#1109695).\n- powerpc, hotplug: Avoid to touch non-existent cpumasks (bsc#1109695).\n- powerpc: make use of for_each_node_by_type() instead of open-coding it (bsc#1109695).\n- powerpc/pseries: Add CPU dlpar remove functionality (bsc#1128756).\n- powerpc/pseries: add of_node_put() in dlpar_detach_node() (bnc#1012382).\n- powerpc/pseries: Consolidate CPU hotplug code to hotplug-cpu.c (bsc#1128756).\n- powerpc/pseries/cpuidle: Fix preempt warning (bnc#1012382).\n- powerpc/pseries: Factor out common cpu hotplug code (bsc#1128756).\n- powerpc/pseries: Perform full re-add of CPU for topology update post-migration (bsc#1128756).\n- powerpc/setup: Add cpu_to_phys_id array (bsc#1109695).\n- powerpc/smp: Add cpu_l2_cache_map (bsc#1109695).\n- powerpc/smp: Add Power9 scheduler topology (bsc#1109695).\n- powerpc/smp: Rework CPU topology construction (bsc#1109695).\n- powerpc/smp: Use cpu_to_chip_id() to find core siblings (bsc#1109695).\n- powerpc/uaccess: fix warning/error with access_ok() (bnc#1012382).\n- powerpc: Use cpu_smallcore_sibling_mask at SMT level on bigcores (bsc#1109695).\n- powerpc/xmon: Fix invocation inside lock region (bsc#1122885).\n- pppoe: fix reception of frames with no mac header (git-fixes).\n- pptp: dst_release sk_dst_cache in pptp_sock_destruct (git-fixes).\n- proc: Remove empty line in /proc/self/status (bnc#1012382 bsc#1094823).\n- pseries/energy: Use OF accessor function to read ibm,drc-indexes (bsc#1129080).\n- pstore/ram: Do not treat empty buffers as valid (bnc#1012382).\n- ptp: check gettime64 return code in PTP_SYS_OFFSET ioctl (bnc#1012382).\n- r8169: Add support for new Realtek Ethernet (bnc#1012382).\n- rbd: do not return 0 on unmap if RBD_DEV_FLAG_REMOVING is set (bsc#1125808).\n- rcu: Force boolean subscript for expedited stall warnings (bnc#1012382).\n- RDMA/bnxt_re: Fix a couple off by one bugs (bsc#1020413, ).\n- RDMA/bnxt_re: Synchronize destroy_qp with poll_cq (bsc#1125446).\n- Revert 'bs-upload-kernel: do not set %opensuse_bs' This reverts commit e89e2b8cbef05df6c874ba70af3cb4c57f82a821.\n- Revert 'cifs: In Kconfig CONFIG_CIFS_POSIX needs depends on legacy (insecure cifs)' (bnc#1012382).\n- Revert 'exec: load_script: do not blindly truncate shebang string' (bnc#1012382).\n- Revert 'Input: elan_i2c - add ACPI ID for touchpad in ASUS Aspire F5-573G' (bnc#1012382).\n- Revert 'loop: Fix double mutex_unlock(&loop_ctl_mutex) in loop_control_ioctl()' (bnc#1012382).\n- Revert 'loop: Fold __loop_release into loop_release' (bnc#1012382).\n- Revert 'loop: Get rid of loop_index_mutex' (bnc#1012382).\n- Revert 'mmc: bcm2835: Fix DMA channel leak on probe error (bsc#1120902).' The backport patch does not built properly.\n- Revert 'mm, devm_memremap_pages: mark devm_memremap_pages() EXPORT_SYMBOL_GPL' (bnc#1012382).\n- Revert 'net: stmmac: Fix a race in EEE enable callback (git-fixes).' This reverts commit f323fa8d233c1f44aff17e6fae90c2c8be30edf9. The patch was already included in stable 4.4.176.\n- Revert 'sd: disable logical block provisioning if 'lbpme' is not set' This reverts commit 96370bd87299c7a6883b3e2bf13818f60c8ba611. Patch not accepted upstream.\n- Revert 'x86/platform/UV: Use efi_runtime_lock to serialise BIOS calls' (bsc#1128565).\n- rhashtable: Add rhashtable_lookup() (bnc#1012382).\n- rhashtable: add rhashtable_lookup_get_insert_key() (bnc#1012382 bsc#1042286).\n- rhashtable: add schedule points (bnc#1012382).\n- rhashtable: reorganize struct rhashtable layout (bnc#1012382).\n- s390/early: improve machine detection (bnc#1012382).\n- s390/qeth: cancel close_dev work before removing a card (LTC#175898, bsc#1127561).\n- s390/smp: Fix calling smp_call_ipl_cpu() from ipl CPU (bnc#1012382).\n- s390/smp: fix CPU hotplug deadlock with CPU rescan (bnc#1012382).\n- sata_rcar: fix deferred probing (bnc#1012382).\n- sched/wake_q: Document wake_q_add() (bsc#1050549).\n- sched/wake_q: Fix wakeup ordering for wake_q (bsc#1050549).\n- sched/wake_q: Reduce reference counting for special users (bsc#1050549).\n- scripts/decode_stacktrace: only strip base path when a prefix of the path (bnc#1012382).\n- scripts/git_sort/git_sort.py: Add mkp/scsi 5.0/scsi-fixes\n- scsi: aacraid: Fix missing break in switch statement (bsc#1128696).\n- scsi: ibmvscsi: Fix empty event pool access during host removal (bsc#1119019).\n- scsi: lpfc: Correct LCB RJT handling (bnc#1012382).\n- scsi: lpfc: Correct MDS diag and nvmet configuration (bsc#1125796).\n- scsi: lpfc: do not set queue->page_count to 0 if pc_sli4_params.wqpcnt is invalid (bsc#1127725).\n- scsi: megaraid: fix out-of-bound array accesses (bnc#1012382).\n- scsi: mpt3sas: Add an I/O barrier (bsc#1117108).\n- scsi: mpt3sas: Added support for nvme encapsulated request message (bsc#1117108).\n- scsi: mpt3sas: Added support for SAS Device Discovery Error Event (bsc#1117108).\n- scsi: mpt3sas: Adding support for SAS3616 HBA device (bsc#1117108).\n- scsi: mpt3sas: Add ioc_<level> logging macros (bsc#1117108).\n- scsi: mpt3sas: Add nvme device support in slave alloc, target alloc and probe (bsc#1117108).\n- scsi: mpt3sas: Add PCI device ID for Andromeda (bsc#1117108).\n- scsi: mpt3sas: Add-Task-management-debug-info-for-NVMe-drives (bsc#1117108).\n- scsi: mpt3sas: Allow processing of events during driver unload (bsc#1117108).\n- scsi: mpt3sas: always use first reserved smid for ioctl passthrough (bsc#1117108).\n- scsi: mpt3sas: Annotate switch/case fall-through (bsc#1117108).\n- scsi: mpt3sas: API's to remove nvme drive from sml (bsc#1117108).\n- scsi: mpt3sas: API 's to support NVMe drive addition to SML (bsc#1117108).\n- scsi: mpt3sas: As per MPI-spec, use combined reply queue for SAS3.5 controllers when HBA supports more than 16 MSI-x vectors (bsc#1117108).\n- scsi: mpt3sas: Bug fix for big endian systems (bsc#1117108).\n- scsi: mpt3sas: Bump mpt3sas driver version to v16.100.00.00 (bsc#1117108).\n- scsi: mpt3sas: Cache enclosure pages during enclosure add (bsc#1117108).\n- scsi: mpt3sas: check command status before attempting abort (bsc#1117108).\n- scsi: mpt3sas: clarify mmio pointer types (bsc#1117108).\n- scsi: mpt3sas: cleanup _scsih_pcie_enumeration_event() (bsc#1117108).\n- scsi: mpt3sas: Configure reply post queue depth, DMA and sgl tablesize (bsc#1117108).\n- scsi: mpt3sas: Convert logging uses with MPT3SAS_FMT and reply_q_name to %s: (bsc#1117108).\n- scsi: mpt3sas: Convert logging uses with MPT3SAS_FMT without logging levels (bsc#1117108).\n- scsi: mpt3sas: Convert mlsleading uses of pr_<level> with MPT3SAS_FMT (bsc#1117108).\n- scsi: mpt3sas: Convert uses of pr_<level> with MPT3SAS_FMT to ioc_<level> (bsc#1117108).\n- scsi: mpt3sas: Display chassis slot information of the drive (bsc#1117108).\n- scsi: mpt3sas: Do not abort I/Os issued to NVMe drives while processing Async Broadcast primitive event (bsc#1117108).\n- scsi: mpt3sas: Do not access the structure after decrementing it's instance reference count (bsc#1117108).\n- scsi: mpt3sas: Do not use 32-bit atomic request descriptor for Ventura controllers (bsc#1117108).\n- scsi: mpt3sas: Enhanced handling of Sense Buffer (bsc#1117108).\n- scsi: mpt3sas: fix an out of bound write (bsc#1117108).\n- scsi: mpt3sas: Fix a race condition in mpt3sas_base_hard_reset_handler() (bsc#1117108).\n- scsi: mpt3sas: Fix calltrace observed while running IO & reset (bsc#1117108).\n- scsi: mpt3sas: fix dma_addr_t casts (bsc#1117108).\n- scsi: mpt3sas: Fixed memory leaks in driver (bsc#1117108).\n- scsi: mpt3sas: Fix, False timeout prints for ioctl and other internal commands during controller reset (bsc#1117108).\n- scsi: mpt3sas: fix format overflow warning (bsc#1117108).\n- scsi: mpt3sas: Fix indentation (bsc#1117108).\n- scsi: mpt3sas: Fix memory allocation failure test in 'mpt3sas_base_attach()' (bsc#1117108).\n- scsi: mpt3sas: Fix nvme drives checking for tlr (bsc#1117108).\n- scsi: mpt3sas: fix oops in error handlers after shutdown/unload (bsc#1117108).\n- scsi: mpt3sas: Fix possibility of using invalid Enclosure Handle for SAS device after host reset (bsc#1117108).\n- scsi: mpt3sas: fix possible memory leak (bsc#1117108).\n- scsi: mpt3sas: fix pr_info message continuation (bsc#1117108).\n- scsi: mpt3sas: Fix removal and addition of vSES device during host reset (bsc#1117108).\n- scsi: mpt3sas: Fix sparse warnings (bsc#1117108).\n- scsi: mpt3sas: fix spelling mistake: 'disbale' -> 'disable' (bsc#1117108).\n- scsi: mpt3sas: For NVME device, issue a protocol level reset (bsc#1117108).\n- scsi: mpt3sas: Handle NVMe PCIe device related events generated from firmware (bsc#1117108).\n- scsi: mpt3sas: Improve kernel-doc headers (bsc#1117108).\n- scsi: mpt3sas: Incorrect command status was set/marked as not used (bsc#1117108).\n- scsi: mpt3sas: Increase event log buffer to support 24 port HBA's (bsc#1117108).\n- scsi: mpt3sas: Introduce API to get BAR0 mapped buffer address (bsc#1117108).\n- scsi: mpt3sas: Introduce Base function for cloning (bsc#1117108).\n- scsi: mpt3sas: Introduce function to clone mpi reply (bsc#1117108).\n- scsi: mpt3sas: Introduce function to clone mpi request (bsc#1117108).\n- scsi: mpt3sas: Introduce mpt3sas_get_st_from_smid() (bsc#1117108).\n- scsi: mpt3sas: Introduce struct mpt3sas_nvme_cmd (bsc#1117108).\n- scsi: mpt3sas: Lockless access for chain buffers (bsc#1117108).\n- scsi: mpt3sas: lockless command submission (bsc#1117108).\n- scsi: mpt3sas: make function _get_st_from_smid static (bsc#1117108).\n- scsi: mpt3sas: NVMe drive support for BTDHMAPPING ioctl command and log info (bsc#1117108).\n- scsi: mpt3sas: open-code _scsih_scsi_lookup_get() (bsc#1117108).\n- scsi: mpt3sas: Optimize I/O memory consumption in driver (bsc#1117108).\n- scsi: mpt3sas: Pre-allocate RDPQ Array at driver boot time (bsc#1117108).\n- scsi: mpt3sas: Processing of Cable Exception events (bsc#1117108).\n- scsi: mpt3sas: Reduce memory footprint in kdump kernel (bsc#1117108).\n- scsi: mpt3sas: remove a stray KERN_INFO (bsc#1117108).\n- scsi: mpt3sas: Remove KERN_WARNING from panic uses (bsc#1117108).\n- scsi: mpt3sas: remove redundant copy_from_user in _ctl_getiocinfo (bsc#1117108).\n- scsi: mpt3sas: remove redundant wmb (bsc#1117108).\n- scsi: mpt3sas: Remove set-but-not-used variables (bsc#1117108).\n- scsi: mpt3sas: Remove unnecessary parentheses and simplify null checks (bsc#1117108).\n- scsi: mpt3sas: Remove unused macro MPT3SAS_FMT (bsc#1117108).\n- scsi: mpt3sas: Remove unused variable requeue_event (bsc#1117108).\n- scsi: mpt3sas: Replace PCI pool old API (bsc#1117108).\n- scsi: mpt3sas: Replace PCI pool old API (bsc#1117108).\n- scsi: mpt3sas: Report Firmware Package Version from HBA Driver (bsc#1117108).\n- scsi: mpt3sas: scan and add nvme device after controller reset (bsc#1117108).\n- scsi: mpt3sas: separate out _base_recovery_check() (bsc#1117108).\n- scsi: mpt3sas: set default value for cb_idx (bsc#1117108).\n- scsi: mpt3sas: Set NVMe device queue depth as 128 (bsc#1117108).\n- scsi: mpt3sas: SGL to PRP Translation for I/Os to NVMe devices (bsc#1117108).\n- scsi: mpt3sas: simplify mpt3sas_scsi_issue_tm() (bsc#1117108).\n- scsi: mpt3sas: simplify task management functions (bsc#1117108).\n- scsi: mpt3sas: simplify _wait_for_commands_to_complete() (bsc#1117108).\n- scsi: mpt3sas: Split _base_reset_handler(), mpt3sas_scsih_reset_handler() and mpt3sas_ctl_reset_handler() (bsc#1117108).\n- scsi: mpt3sas: Swap I/O memory read value back to cpu endianness (bsc#1117108).\n- scsi: mpt3sas: switch to generic DMA API (bsc#1117108).\n- scsi: mpt3sas: switch to pci_alloc_irq_vectors (bsc#1117108).\n- scsi: mpt3sas: Updated MPI headers to v2.00.48 (bsc#1117108).\n- scsi: mpt3sas: Update driver version '25.100.00.00' (bsc#1117108).\n- scsi: mpt3sas: Update driver version '26.100.00.00' (bsc#1117108).\n- scsi: mpt3sas: Update MPI Headers (bsc#1117108).\n- scsi: mpt3sas: Update mpt3sas driver version (bsc#1117108).\n- scsi: mpt3sas: Use dma_pool_zalloc (bsc#1117108).\n- scsi: mpt3sas: use list_splice_init() (bsc#1117108).\n- scsi: mpt3sas: wait for and flush running commands on shutdown/unload (bsc#1117108).\n- scsi: qla2xxx: Fix deadlock between ATIO and HW lock (bsc#1125794).\n- scsi: qla2xxx: Fix early srb free on abort (bsc#1121713).\n- scsi: qla2xxx: Fix for double free of SRB structure (bsc#1121713).\n- scsi: qla2xxx: Increase abort timeout value (bsc#1121713).\n- scsi: qla2xxx: Move {get|rel}_sp to base_qpair struct (bsc#1121713).\n- scsi: qla2xxx: Return switch command on a timeout (bsc#1121713).\n- scsi: qla2xxx: Turn off IOCB timeout timer on IOCB completion (bsc#1121713).\n- scsi: qla2xxx: Use correct qpair for ABTS/CMD (bsc#1121713).\n- scsi: sd: Fix cache_type_store() (bnc#1012382).\n- scsi: sym53c8xx: fix NULL pointer dereference panic in sym_int_sir() (bsc#1125315).\n- scsi: target: make the pi_prot_format ConfigFS path readable (bsc#1123933).\n- scsi: target: use consistent left-aligned ASCII INQUIRY data (bnc#1012382).\n- sctp: allocate sctp_sockaddr_entry with kzalloc (bnc#1012382).\n- sd: disable logical block provisioning if 'lbpme' is not set (bsc#1086095 bsc#1078355).\n- selinux: fix GPF on invalid policy (bnc#1012382).\n- seq_buf: Make seq_buf_puts() null-terminate the buffer (bnc#1012382).\n- serial: fsl_lpuart: clear parity enable bit when disable parity (bnc#1012382).\n- series.conf: Move 'patches.fixes/aio-hold-an-extra-file-reference-over-AIO-read-write.patch' into sorted section.\n- signal: Always notice exiting tasks (bnc#1012382).\n- signal: Better detection of synchronous signals (bnc#1012382).\n- signal: Restore the stop PTRACE_EVENT_EXIT (bnc#1012382).\n- skge: potential memory corruption in skge_get_regs() (bnc#1012382).\n- sky2: Increase D3 delay again (bnc#1012382).\n- slab: alien caches must not be initialized if the allocation of the alien cache failed (bnc#1012382).\n- smack: fix access permissions for keyring (bnc#1012382).\n- smsc95xx: Use skb_cow_head to deal with cloned skbs (bnc#1012382).\n- soc/tegra: Do not leak device tree node reference (bnc#1012382).\n- staging:iio:ad2s90: Make probe handle spi_setup failure (bnc#1012382).\n- staging: iio: ad7780: update voltage on read (bnc#1012382).\n- staging: iio: adc: ad7280a: handle error from __ad7280_read32() (bnc#1012382).\n- staging: rtl8188eu: Add device code for D-Link DWA-121 rev B1 (bnc#1012382).\n- sunrpc: handle ENOMEM in rpcb_getport_async (bnc#1012382).\n- sunvdc: Do not spin in an infinite loop when vio_ldc_send() returns EAGAIN (bnc#1012382).\n- sysfs: Disable lockdep for driver bind/unbind files (bnc#1012382).\n- tcp: clear icsk_backoff in tcp_write_queue_purge() (bnc#1012382).\n- tcp: tcp_v4_err() should be more careful (bnc#1012382).\n- team: avoid complex list operations in team_nl_cmd_options_set() (bnc#1012382).\n- team: Free BPF filter when unregistering netdev (git-fixes).\n- test_hexdump: use memcpy instead of strncpy (bnc#1012382).\n- thermal: hwmon: inline helpers when CONFIG_THERMAL_HWMON is not set (bnc#1012382).\n- timekeeping: Use proper seqcount initializer (bnc#1012382).\n- tipc: fix uninit-value in tipc_nl_compat_bearer_enable (bnc#1012382).\n- tipc: fix uninit-value in tipc_nl_compat_doit (bnc#1012382).\n- tipc: fix uninit-value in tipc_nl_compat_link_reset_stats (bnc#1012382).\n- tipc: fix uninit-value in tipc_nl_compat_link_set (bnc#1012382).\n- tipc: fix uninit-value in tipc_nl_compat_name_table_dump (bnc#1012382).\n- tipc: use destination length for copy string (bnc#1012382).\n- tracing: Do not free iter->trace in fail path of tracing_open_pipe() (bsc#1129581).\n- tracing/uprobes: Fix output for multiple string arguments (bnc#1012382).\n- tty: Do not block on IO when ldisc change is pending (bnc#1105428).\n- tty: Do not hold ldisc lock in tty_reopen() if ldisc present (bnc#1105428).\n- tty: fix data race between tty_init_dev and flush of buf (bnc#1105428).\n- tty: Handle problem if line discipline does not have receive_buf (bnc#1012382).\n- tty: Hold tty_ldisc_lock() during tty_reopen() (bnc#1105428).\n- tty/ldsem: Add lockdep asserts for ldisc_sem (bnc#1105428).\n- tty/ldsem: Convert to regular lockdep annotations (bnc#1105428).\n- tty/ldsem: Decrement wait_readers on timeouted down_read() (bnc#1105428).\n- tty/ldsem: Wake up readers after timed out down_write() (bnc#1012382).\n- tty/n_hdlc: fix __might_sleep warning (bnc#1012382).\n- tty: serial: samsung: Properly set flags in autoCTS mode (bnc#1012382).\n- tty: Simplify tty->count math in tty_reopen() (bnc#1105428).\n- uapi/if_ether.h: move __UAPI_DEF_ETHHDR libc define (bnc#1012382).\n- uapi/if_ether.h: prevent redefinition of struct ethhdr (bnc#1012382).\n- ucc_geth: Reset BQL queue when stopping device (bnc#1012382).\n- udf: Fix BUG on corrupted inode (bnc#1012382).\n- um: Avoid marking pages with 'changed protection' (bnc#1012382).\n- usb: Add USB_QUIRK_DELAY_CTRL_MSG quirk for Corsair K70 RGB (bnc#1012382).\n- usb: cdc-acm: send ZLP for Telit 3G Intel based modems (bnc#1012382).\n- usb: dwc2: Remove unnecessary kfree (bnc#1012382).\n- usb: gadget: udc: net2272: Fix bitwise and boolean operations (bnc#1012382).\n- usb: hub: delay hub autosuspend if USB3 port is still link training (bnc#1012382).\n- usb: phy: am335x: fix race condition in _probe (bnc#1012382).\n- usb: serial: pl2303: add new PID to support PL2303TB (bnc#1012382).\n- usb: serial: simple: add Motorola Tetra TPG2200 device id (bnc#1012382).\n- usb: storage: add quirk for SMI SM3350 (bnc#1012382).\n- usb: storage: do not insert sane sense for SPC3+ when bad sense specified (bnc#1012382).\n- video: clps711x-fb: release disp device node in probe() (bnc#1012382).\n- vsock: cope with memory allocation failure at socket creation time (bnc#1012382).\n- vt: invoke notifier on screen size change (bnc#1012382).\n- vxlan: test dev->flags & IFF_UP before calling netif_rx() (bnc#1012382).\n- wireless: airo: potential buffer overflow in sprintf() (bsc#1120902).\n- writeback: do not decrement wb->refcnt if !wb->bdi (git fixes (writeback)).\n- x86: Add TSX Force Abort CPUID/MSR (bsc#1121805).\n- x86/a.out: Clear the dump structure initially (bnc#1012382).\n- x86/fpu: Add might_fault() to user_insn() (bnc#1012382).\n- x86/kaslr: Fix incorrect i8254 outb() parameters (bnc#1012382).\n- x86: livepatch: Treat R_X86_64_PLT32 as R_X86_64_PC32 (bnc#1012382).\n- x86/MCE: Initialize mce.bank in the case of a fatal error in mce_no_way_out() (bnc#1012382).\n- x86/PCI: Fix Broadcom CNB20LE unintended sign extension (redux) (bnc#1012382).\n- x86/pkeys: Properly copy pkey state at fork() (bsc#1106105).\n- x86/platform/UV: Use efi_runtime_lock to serialise BIOS calls (bnc#1012382).\n- x86: respect memory size limiting via mem= parameter (bsc#1117645).\n- x86/xen: dont add memory above max allowed allocation (bsc#1117645).\n- xen, cpu_hotplug: Prevent an out of bounds access (bsc#1065600).\n- xen: remove pre-xen3 fallback handlers (bsc#1065600).\n- xfrm6_tunnel: Fix spi check in __xfrm6_tunnel_alloc_spi (bnc#1012382).\n- xfrm: refine validation of template and selector families (bnc#1012382).\n- Yama: Check for pid death before checking ancestry (bnc#1012382).\n- xfs: remove filestream item xfs_inode reference (bsc#1127961).\n","title":"Description of the patch"},{"category":"details","text":"SUSE-2019-901,SUSE-SLE-SERVER-12-SP3-2019-901","title":"Patchnames"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"SUSE ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"self","summary":"URL of this CSAF notice","url":"https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_0901-1.json"},{"category":"self","summary":"URL for SUSE-SU-2019:0901-1","url":"https://www.suse.com/support/update/announcement/2019/suse-su-20190901-1/"},{"category":"self","summary":"E-Mail link for SUSE-SU-2019:0901-1","url":"https://lists.suse.com/pipermail/sle-security-updates/2019-April/005309.html"},{"category":"self","summary":"SUSE Bug 1012382","url":"https://bugzilla.suse.com/1012382"},{"category":"self","summary":"SUSE Bug 1020413","url":"https://bugzilla.suse.com/1020413"},{"category":"self","summary":"SUSE Bug 1023175","url":"https://bugzilla.suse.com/1023175"},{"category":"self","summary":"SUSE Bug 1031492","url":"https://bugzilla.suse.com/1031492"},{"category":"self","summary":"SUSE Bug 1042286","url":"https://bugzilla.suse.com/1042286"},{"category":"self","summary":"SUSE Bug 1050549","url":"https://bugzilla.suse.com/1050549"},{"category":"self","summary":"SUSE Bug 1065600","url":"https://bugzilla.suse.com/1065600"},{"category":"self","summary":"SUSE Bug 1070767","url":"https://bugzilla.suse.com/1070767"},{"category":"self","summary":"SUSE Bug 1075697","url":"https://bugzilla.suse.com/1075697"},{"category":"self","summary":"SUSE Bug 1078355","url":"https://bugzilla.suse.com/1078355"},{"category":"self","summary":"SUSE Bug 1082943","url":"https://bugzilla.suse.com/1082943"},{"category":"self","summary":"SUSE Bug 1086095","url":"https://bugzilla.suse.com/1086095"},{"category":"self","summary":"SUSE Bug 1086652","url":"https://bugzilla.suse.com/1086652"},{"category":"self","summary":"SUSE Bug 1087036","url":"https://bugzilla.suse.com/1087036"},{"category":"self","summary":"SUSE Bug 1087092","url":"https://bugzilla.suse.com/1087092"},{"category":"self","summary":"SUSE Bug 1090435","url":"https://bugzilla.suse.com/1090435"},{"category":"self","summary":"SUSE Bug 1094823","url":"https://bugzilla.suse.com/1094823"},{"category":"self","summary":"SUSE Bug 1099810","url":"https://bugzilla.suse.com/1099810"},{"category":"self","summary":"SUSE Bug 1102875","url":"https://bugzilla.suse.com/1102875"},{"category":"self","summary":"SUSE Bug 1102877","url":"https://bugzilla.suse.com/1102877"},{"category":"self","summary":"SUSE Bug 1102879","url":"https://bugzilla.suse.com/1102879"},{"category":"self","summary":"SUSE Bug 1102882","url":"https://bugzilla.suse.com/1102882"},{"category":"self","summary":"SUSE Bug 1102896","url":"https://bugzilla.suse.com/1102896"},{"category":"self","summary":"SUSE Bug 1102959","url":"https://bugzilla.suse.com/1102959"},{"category":"self","summary":"SUSE Bug 1103429","url":"https://bugzilla.suse.com/1103429"},{"category":"self","summary":"SUSE Bug 1105428","url":"https://bugzilla.suse.com/1105428"},{"category":"self","summary":"SUSE Bug 1106061","url":"https://bugzilla.suse.com/1106061"},{"category":"self","summary":"SUSE Bug 1106105","url":"https://bugzilla.suse.com/1106105"},{"category":"self","summary":"SUSE Bug 1106929","url":"https://bugzilla.suse.com/1106929"},{"category":"self","summary":"SUSE Bug 1107866","url":"https://bugzilla.suse.com/1107866"},{"category":"self","summary":"SUSE Bug 1109137","url":"https://bugzilla.suse.com/1109137"},{"category":"self","summary":"SUSE Bug 1109248","url":"https://bugzilla.suse.com/1109248"},{"category":"self","summary":"SUSE Bug 1109695","url":"https://bugzilla.suse.com/1109695"},{"category":"self","summary":"SUSE Bug 1114893","url":"https://bugzilla.suse.com/1114893"},{"category":"self","summary":"SUSE Bug 1116345","url":"https://bugzilla.suse.com/1116345"},{"category":"self","summary":"SUSE Bug 1116653","url":"https://bugzilla.suse.com/1116653"},{"category":"self","summary":"SUSE Bug 1117108","url":"https://bugzilla.suse.com/1117108"},{"category":"self","summary":"SUSE Bug 1117645","url":"https://bugzilla.suse.com/1117645"},{"category":"self","summary":"SUSE Bug 1117744","url":"https://bugzilla.suse.com/1117744"},{"category":"self","summary":"SUSE Bug 1119019","url":"https://bugzilla.suse.com/1119019"},{"category":"self","summary":"SUSE Bug 1119680","url":"https://bugzilla.suse.com/1119680"},{"category":"self","summary":"SUSE Bug 1119843","url":"https://bugzilla.suse.com/1119843"},{"category":"self","summary":"SUSE Bug 1120017","url":"https://bugzilla.suse.com/1120017"},{"category":"self","summary":"SUSE Bug 1120691","url":"https://bugzilla.suse.com/1120691"},{"category":"self","summary":"SUSE Bug 1120722","url":"https://bugzilla.suse.com/1120722"},{"category":"self","summary":"SUSE Bug 1120758","url":"https://bugzilla.suse.com/1120758"},{"category":"self","summary":"SUSE Bug 1120902","url":"https://bugzilla.suse.com/1120902"},{"category":"self","summary":"SUSE Bug 1121713","url":"https://bugzilla.suse.com/1121713"},{"category":"self","summary":"SUSE Bug 1121726","url":"https://bugzilla.suse.com/1121726"},{"category":"self","summary":"SUSE Bug 1121805","url":"https://bugzilla.suse.com/1121805"},{"category":"self","summary":"SUSE Bug 1122650","url":"https://bugzilla.suse.com/1122650"},{"category":"self","summary":"SUSE Bug 1122651","url":"https://bugzilla.suse.com/1122651"},{"category":"self","summary":"SUSE Bug 1122779","url":"https://bugzilla.suse.com/1122779"},{"category":"self","summary":"SUSE Bug 1122885","url":"https://bugzilla.suse.com/1122885"},{"category":"self","summary":"SUSE Bug 1123321","url":"https://bugzilla.suse.com/1123321"},{"category":"self","summary":"SUSE Bug 1123323","url":"https://bugzilla.suse.com/1123323"},{"category":"self","summary":"SUSE Bug 1123357","url":"https://bugzilla.suse.com/1123357"},{"category":"self","summary":"SUSE Bug 1123933","url":"https://bugzilla.suse.com/1123933"},{"category":"self","summary":"SUSE Bug 1124166","url":"https://bugzilla.suse.com/1124166"},{"category":"self","summary":"SUSE Bug 1124235","url":"https://bugzilla.suse.com/1124235"},{"category":"self","summary":"SUSE Bug 1124728","url":"https://bugzilla.suse.com/1124728"},{"category":"self","summary":"SUSE Bug 1124732","url":"https://bugzilla.suse.com/1124732"},{"category":"self","summary":"SUSE Bug 1124735","url":"https://bugzilla.suse.com/1124735"},{"category":"self","summary":"SUSE Bug 1124775","url":"https://bugzilla.suse.com/1124775"},{"category":"self","summary":"SUSE Bug 1124777","url":"https://bugzilla.suse.com/1124777"},{"category":"self","summary":"SUSE Bug 1124780","url":"https://bugzilla.suse.com/1124780"},{"category":"self","summary":"SUSE Bug 1124811","url":"https://bugzilla.suse.com/1124811"},{"category":"self","summary":"SUSE Bug 1125000","url":"https://bugzilla.suse.com/1125000"},{"category":"self","summary":"SUSE Bug 1125014","url":"https://bugzilla.suse.com/1125014"},{"category":"self","summary":"SUSE Bug 1125315","url":"https://bugzilla.suse.com/1125315"},{"category":"self","summary":"SUSE Bug 1125446","url":"https://bugzilla.suse.com/1125446"},{"category":"self","summary":"SUSE Bug 1125794","url":"https://bugzilla.suse.com/1125794"},{"category":"self","summary":"SUSE Bug 1125796","url":"https://bugzilla.suse.com/1125796"},{"category":"self","summary":"SUSE Bug 1125808","url":"https://bugzilla.suse.com/1125808"},{"category":"self","summary":"SUSE Bug 1125809","url":"https://bugzilla.suse.com/1125809"},{"category":"self","summary":"SUSE Bug 1125810","url":"https://bugzilla.suse.com/1125810"},{"category":"self","summary":"SUSE Bug 1125892","url":"https://bugzilla.suse.com/1125892"},{"category":"self","summary":"SUSE Bug 1126389","url":"https://bugzilla.suse.com/1126389"},{"category":"self","summary":"SUSE Bug 1126772","url":"https://bugzilla.suse.com/1126772"},{"category":"self","summary":"SUSE Bug 1126773","url":"https://bugzilla.suse.com/1126773"},{"category":"self","summary":"SUSE Bug 1126805","url":"https://bugzilla.suse.com/1126805"},{"category":"self","summary":"SUSE Bug 1127082","url":"https://bugzilla.suse.com/1127082"},{"category":"self","summary":"SUSE Bug 1127155","url":"https://bugzilla.suse.com/1127155"},{"category":"self","summary":"SUSE Bug 1127561","url":"https://bugzilla.suse.com/1127561"},{"category":"self","summary":"SUSE Bug 1127725","url":"https://bugzilla.suse.com/1127725"},{"category":"self","summary":"SUSE Bug 1127731","url":"https://bugzilla.suse.com/1127731"},{"category":"self","summary":"SUSE Bug 1127961","url":"https://bugzilla.suse.com/1127961"},{"category":"self","summary":"SUSE Bug 1128166","url":"https://bugzilla.suse.com/1128166"},{"category":"self","summary":"SUSE Bug 1128452","url":"https://bugzilla.suse.com/1128452"},{"category":"self","summary":"SUSE Bug 1128565","url":"https://bugzilla.suse.com/1128565"},{"category":"self","summary":"SUSE Bug 1128696","url":"https://bugzilla.suse.com/1128696"},{"category":"self","summary":"SUSE Bug 1128756","url":"https://bugzilla.suse.com/1128756"},{"category":"self","summary":"SUSE Bug 1128893","url":"https://bugzilla.suse.com/1128893"},{"category":"self","summary":"SUSE Bug 1129080","url":"https://bugzilla.suse.com/1129080"},{"category":"self","summary":"SUSE Bug 1129179","url":"https://bugzilla.suse.com/1129179"},{"category":"self","summary":"SUSE Bug 1129237","url":"https://bugzilla.suse.com/1129237"},{"category":"self","summary":"SUSE Bug 1129238","url":"https://bugzilla.suse.com/1129238"},{"category":"self","summary":"SUSE Bug 1129239","url":"https://bugzilla.suse.com/1129239"},{"category":"self","summary":"SUSE Bug 1129240","url":"https://bugzilla.suse.com/1129240"},{"category":"self","summary":"SUSE Bug 1129241","url":"https://bugzilla.suse.com/1129241"},{"category":"self","summary":"SUSE Bug 1129413","url":"https://bugzilla.suse.com/1129413"},{"category":"self","summary":"SUSE Bug 1129414","url":"https://bugzilla.suse.com/1129414"},{"category":"self","summary":"SUSE Bug 1129415","url":"https://bugzilla.suse.com/1129415"},{"category":"self","summary":"SUSE Bug 1129416","url":"https://bugzilla.suse.com/1129416"},{"category":"self","summary":"SUSE Bug 1129417","url":"https://bugzilla.suse.com/1129417"},{"category":"self","summary":"SUSE Bug 1129418","url":"https://bugzilla.suse.com/1129418"},{"category":"self","summary":"SUSE Bug 1129419","url":"https://bugzilla.suse.com/1129419"},{"category":"self","summary":"SUSE Bug 1129581","url":"https://bugzilla.suse.com/1129581"},{"category":"self","summary":"SUSE Bug 1129770","url":"https://bugzilla.suse.com/1129770"},{"category":"self","summary":"SUSE Bug 1129923","url":"https://bugzilla.suse.com/1129923"},{"category":"self","summary":"SUSE CVE CVE-2017-18249 page","url":"https://www.suse.com/security/cve/CVE-2017-18249/"},{"category":"self","summary":"SUSE CVE CVE-2019-2024 page","url":"https://www.suse.com/security/cve/CVE-2019-2024/"},{"category":"self","summary":"SUSE CVE CVE-2019-3459 page","url":"https://www.suse.com/security/cve/CVE-2019-3459/"},{"category":"self","summary":"SUSE CVE CVE-2019-3460 page","url":"https://www.suse.com/security/cve/CVE-2019-3460/"},{"category":"self","summary":"SUSE CVE CVE-2019-6974 page","url":"https://www.suse.com/security/cve/CVE-2019-6974/"},{"category":"self","summary":"SUSE CVE CVE-2019-7221 page","url":"https://www.suse.com/security/cve/CVE-2019-7221/"},{"category":"self","summary":"SUSE CVE CVE-2019-7222 page","url":"https://www.suse.com/security/cve/CVE-2019-7222/"},{"category":"self","summary":"SUSE CVE CVE-2019-9213 page","url":"https://www.suse.com/security/cve/CVE-2019-9213/"}],"title":"Security update for the Linux Kernel","tracking":{"current_release_date":"2019-04-08T09:49:53Z","generator":{"date":"2019-04-08T09:49:53Z","engine":{"name":"cve-database.git:bin/generate-csaf.pl","version":"1"}},"id":"SUSE-SU-2019:0901-1","initial_release_date":"2019-04-08T09:49:53Z","revision_history":[{"date":"2019-04-08T09:49:53Z","number":"1","summary":"Current version"}],"status":"final","version":"1"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_version","name":"kernel-devel-azure-4.4.176-4.25.1.noarch","product":{"name":"kernel-devel-azure-4.4.176-4.25.1.noarch","product_id":"kernel-devel-azure-4.4.176-4.25.1.noarch"}},{"category":"product_version","name":"kernel-source-azure-4.4.176-4.25.1.noarch","product":{"name":"kernel-source-azure-4.4.176-4.25.1.noarch","product_id":"kernel-source-azure-4.4.176-4.25.1.noarch"}}],"category":"architecture","name":"noarch"},{"branches":[{"category":"product_version","name":"cluster-md-kmp-azure-4.4.176-4.25.1.x86_64","product":{"name":"cluster-md-kmp-azure-4.4.176-4.25.1.x86_64","product_id":"cluster-md-kmp-azure-4.4.176-4.25.1.x86_64"}},{"category":"product_version","name":"dlm-kmp-azure-4.4.176-4.25.1.x86_64","product":{"name":"dlm-kmp-azure-4.4.176-4.25.1.x86_64","product_id":"dlm-kmp-azure-4.4.176-4.25.1.x86_64"}},{"category":"product_version","name":"gfs2-kmp-azure-4.4.176-4.25.1.x86_64","product":{"name":"gfs2-kmp-azure-4.4.176-4.25.1.x86_64","product_id":"gfs2-kmp-azure-4.4.176-4.25.1.x86_64"}},{"category":"product_version","name":"kernel-azure-4.4.176-4.25.1.x86_64","product":{"name":"kernel-azure-4.4.176-4.25.1.x86_64","product_id":"kernel-azure-4.4.176-4.25.1.x86_64"}},{"category":"product_version","name":"kernel-azure-base-4.4.176-4.25.1.x86_64","product":{"name":"kernel-azure-base-4.4.176-4.25.1.x86_64","product_id":"kernel-azure-base-4.4.176-4.25.1.x86_64"}},{"category":"product_version","name":"kernel-azure-devel-4.4.176-4.25.1.x86_64","product":{"name":"kernel-azure-devel-4.4.176-4.25.1.x86_64","product_id":"kernel-azure-devel-4.4.176-4.25.1.x86_64"}},{"category":"product_version","name":"kernel-azure-extra-4.4.176-4.25.1.x86_64","product":{"name":"kernel-azure-extra-4.4.176-4.25.1.x86_64","product_id":"kernel-azure-extra-4.4.176-4.25.1.x86_64"}},{"category":"product_version","name":"kernel-azure-kgraft-4.4.176-4.25.1.x86_64","product":{"name":"kernel-azure-kgraft-4.4.176-4.25.1.x86_64","product_id":"kernel-azure-kgraft-4.4.176-4.25.1.x86_64"}},{"category":"product_version","name":"kernel-syms-azure-4.4.176-4.25.1.x86_64","product":{"name":"kernel-syms-azure-4.4.176-4.25.1.x86_64","product_id":"kernel-syms-azure-4.4.176-4.25.1.x86_64"}},{"category":"product_version","name":"kselftests-kmp-azure-4.4.176-4.25.1.x86_64","product":{"name":"kselftests-kmp-azure-4.4.176-4.25.1.x86_64","product_id":"kselftests-kmp-azure-4.4.176-4.25.1.x86_64"}},{"category":"product_version","name":"ocfs2-kmp-azure-4.4.176-4.25.1.x86_64","product":{"name":"ocfs2-kmp-azure-4.4.176-4.25.1.x86_64","product_id":"ocfs2-kmp-azure-4.4.176-4.25.1.x86_64"}}],"category":"architecture","name":"x86_64"},{"branches":[{"category":"product_name","name":"SUSE Linux Enterprise Server 12 SP3","product":{"name":"SUSE Linux Enterprise Server 12 SP3","product_id":"SUSE Linux Enterprise Server 12 SP3","product_identification_helper":{"cpe":"cpe:/o:suse:sles:12:sp3"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server for SAP Applications 12 SP3","product":{"name":"SUSE Linux Enterprise Server for SAP Applications 12 SP3","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP3","product_identification_helper":{"cpe":"cpe:/o:suse:sles_sap:12:sp3"}}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"kernel-azure-4.4.176-4.25.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3","product_id":"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64"},"product_reference":"kernel-azure-4.4.176-4.25.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP3"},{"category":"default_component_of","full_product_name":{"name":"kernel-azure-base-4.4.176-4.25.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3","product_id":"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64"},"product_reference":"kernel-azure-base-4.4.176-4.25.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP3"},{"category":"default_component_of","full_product_name":{"name":"kernel-azure-devel-4.4.176-4.25.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3","product_id":"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64"},"product_reference":"kernel-azure-devel-4.4.176-4.25.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP3"},{"category":"default_component_of","full_product_name":{"name":"kernel-devel-azure-4.4.176-4.25.1.noarch as component of SUSE Linux Enterprise Server 12 SP3","product_id":"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch"},"product_reference":"kernel-devel-azure-4.4.176-4.25.1.noarch","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP3"},{"category":"default_component_of","full_product_name":{"name":"kernel-source-azure-4.4.176-4.25.1.noarch as component of SUSE Linux Enterprise Server 12 SP3","product_id":"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch"},"product_reference":"kernel-source-azure-4.4.176-4.25.1.noarch","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP3"},{"category":"default_component_of","full_product_name":{"name":"kernel-syms-azure-4.4.176-4.25.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3","product_id":"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"},"product_reference":"kernel-syms-azure-4.4.176-4.25.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP3"},{"category":"default_component_of","full_product_name":{"name":"kernel-azure-4.4.176-4.25.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64"},"product_reference":"kernel-azure-4.4.176-4.25.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12 SP3"},{"category":"default_component_of","full_product_name":{"name":"kernel-azure-base-4.4.176-4.25.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64"},"product_reference":"kernel-azure-base-4.4.176-4.25.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12 SP3"},{"category":"default_component_of","full_product_name":{"name":"kernel-azure-devel-4.4.176-4.25.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64"},"product_reference":"kernel-azure-devel-4.4.176-4.25.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12 SP3"},{"category":"default_component_of","full_product_name":{"name":"kernel-devel-azure-4.4.176-4.25.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch"},"product_reference":"kernel-devel-azure-4.4.176-4.25.1.noarch","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12 SP3"},{"category":"default_component_of","full_product_name":{"name":"kernel-source-azure-4.4.176-4.25.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch"},"product_reference":"kernel-source-azure-4.4.176-4.25.1.noarch","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12 SP3"},{"category":"default_component_of","full_product_name":{"name":"kernel-syms-azure-4.4.176-4.25.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"},"product_reference":"kernel-syms-azure-4.4.176-4.25.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12 SP3"}]},"vulnerabilities":[{"cve":"CVE-2017-18249","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-18249"}],"notes":[{"category":"general","text":"The add_free_nid function in fs/f2fs/node.c in the Linux kernel before 4.12 does not properly track an allocated nid, which allows local users to cause a denial of service (race condition) or possibly have unspecified other impact via concurrent threads.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2017-18249","url":"https://www.suse.com/security/cve/CVE-2017-18249"},{"category":"external","summary":"SUSE Bug 1087036 for CVE-2017-18249","url":"https://bugzilla.suse.com/1087036"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7,"baseSeverity":"HIGH","vectorString":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","version":"3.0"},"products":["SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-04-08T09:49:53Z","details":"moderate"}],"title":"CVE-2017-18249"},{"cve":"CVE-2019-2024","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-2024"}],"notes":[{"category":"general","text":"In em28xx_unregister_dvb of em28xx-dvb.c, there is a possible use after free issue. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-111761954References: Upstream kernel","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-2024","url":"https://www.suse.com/security/cve/CVE-2019-2024"},{"category":"external","summary":"SUSE Bug 1129179 for CVE-2019-2024","url":"https://bugzilla.suse.com/1129179"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.2,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.0"},"products":["SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-04-08T09:49:53Z","details":"moderate"}],"title":"CVE-2019-2024"},{"cve":"CVE-2019-3459","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-3459"}],"notes":[{"category":"general","text":"A heap address information leak while using L2CAP_GET_CONF_OPT was discovered in the Linux kernel before 5.1-rc1.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-3459","url":"https://www.suse.com/security/cve/CVE-2019-3459"},{"category":"external","summary":"SUSE Bug 1120758 for CVE-2019-3459","url":"https://bugzilla.suse.com/1120758"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":2.6,"baseSeverity":"LOW","vectorString":"CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L","version":"3.0"},"products":["SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-04-08T09:49:53Z","details":"moderate"}],"title":"CVE-2019-3459"},{"cve":"CVE-2019-3460","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-3460"}],"notes":[{"category":"general","text":"A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux kernel before 5.1-rc1.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-3460","url":"https://www.suse.com/security/cve/CVE-2019-3460"},{"category":"external","summary":"SUSE Bug 1120758 for CVE-2019-3460","url":"https://bugzilla.suse.com/1120758"},{"category":"external","summary":"SUSE Bug 1155131 for CVE-2019-3460","url":"https://bugzilla.suse.com/1155131"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":2.6,"baseSeverity":"LOW","vectorString":"CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L","version":"3.0"},"products":["SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-04-08T09:49:53Z","details":"moderate"}],"title":"CVE-2019-3460"},{"cve":"CVE-2019-6974","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-6974"}],"notes":[{"category":"general","text":"In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-6974","url":"https://www.suse.com/security/cve/CVE-2019-6974"},{"category":"external","summary":"SUSE Bug 1124728 for CVE-2019-6974","url":"https://bugzilla.suse.com/1124728"},{"category":"external","summary":"SUSE Bug 1124729 for CVE-2019-6974","url":"https://bugzilla.suse.com/1124729"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H","version":"3.0"},"products":["SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-04-08T09:49:53Z","details":"moderate"}],"title":"CVE-2019-6974"},{"cve":"CVE-2019-7221","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-7221"}],"notes":[{"category":"general","text":"The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-7221","url":"https://www.suse.com/security/cve/CVE-2019-7221"},{"category":"external","summary":"SUSE Bug 1124732 for CVE-2019-7221","url":"https://bugzilla.suse.com/1124732"},{"category":"external","summary":"SUSE Bug 1124734 for CVE-2019-7221","url":"https://bugzilla.suse.com/1124734"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.5,"baseSeverity":"HIGH","vectorString":"CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H","version":"3.0"},"products":["SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-04-08T09:49:53Z","details":"moderate"}],"title":"CVE-2019-7221"},{"cve":"CVE-2019-7222","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-7222"}],"notes":[{"category":"general","text":"The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-7222","url":"https://www.suse.com/security/cve/CVE-2019-7222"},{"category":"external","summary":"SUSE Bug 1124735 for CVE-2019-7222","url":"https://bugzilla.suse.com/1124735"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":2.8,"baseSeverity":"LOW","vectorString":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N","version":"3.0"},"products":["SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-04-08T09:49:53Z","details":"low"}],"title":"CVE-2019-7222"},{"cve":"CVE-2019-9213","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-9213"}],"notes":[{"category":"general","text":"In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-9213","url":"https://www.suse.com/security/cve/CVE-2019-9213"},{"category":"external","summary":"SUSE Bug 1128166 for CVE-2019-9213","url":"https://bugzilla.suse.com/1128166"},{"category":"external","summary":"SUSE Bug 1128378 for CVE-2019-9213","url":"https://bugzilla.suse.com/1128378"},{"category":"external","summary":"SUSE Bug 1129016 for CVE-2019-9213","url":"https://bugzilla.suse.com/1129016"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":5.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","version":"3.0"},"products":["SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch","SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-04-08T09:49:53Z","details":"moderate"}],"title":"CVE-2019-9213"}]}