Bugzilla – Full Text Bug Listing

| Summary: | VUL-0: CVE-2017-17450: kernel: net/netfilter/xt_osf.c does not require CAP_NET_ADMIN capability for adding and removing callbacks | | |
|---|---|---|---|
| Product: | [Novell Products] SUSE Security Incidents | Reporter: | Alexander Bergmann <abergmann> |
| Component: | Incidents | Assignee: | Security Team bot <security-team> |
| Status: | RESOLVED FIXED | QA Contact: | Security Team bot <security-team> |
| Severity: | Minor | | |
| Priority: | P3 - Medium | CC: | abergmann, bpetkov, bpoirier, jbohac, meissner, mkubecek, smash_bz, tiwai |
| Version: | unspecified | | |
| Target Milestone: | --- | | |
| Hardware: | Other | | |
| OS: | Other | | |
| URL: | https://smash.suse.de/issue/196289/ | | |
| Whiteboard: | CVSSv2:SUSE:CVE-2017-17450:3.2:(AV:L/AC:L/Au:S/C:P/I:P/A:N) CVSSv3:SUSE:CVE-2017-17450:4.4:(AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N) maint:released:oes11-sp2:63934 maint:running:63929:important | | |
| Found By: | Security Response Team | Services Priority: | |
| Business Priority: | | Blocker: | --- |
| Marketing QA Status: | --- | IT Deployment: | --- |

Description
Alexander Bergmann
2017-12-07 09:49:03 UTC
The issue seems to exist since the code was introduced in v2.6.31-rc1 by commit

11eeef41d5f6 netfilter: passive OS fingerprint xtables match

The fix is in git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf.git (nf tree) as commit

916a27901de0 netfilter: xt_osf: Add missing permission checks

The fix is now present in or submitted to (*) all relevant branches:

stable a1ac24368548 *
SLE15 3196363ac68f *
SLE12-SP3 72901c9c257e
SLE12-SP2 822566729fed
cve/linux-3.12 dc2cb506d3e7 *
cve/linux-3.0 775bd736477f *
cve/linux-2.6.32 3a46f6e6f995 *

Reassigning to security team.

This is an autogenerated message for OBS integration:
This bug (1071695) was mentioned in
https://build.opensuse.org/request/show/556738 42.2 / kernel-source
https://build.opensuse.org/request/show/556740 42.3 / kernel-source

openSUSE-SU-2017:3358-1: An update that solves 16 vulnerabilities and has 67 fixes is now available.

Category: security (important)
Bug References: 1010201,1012382,1012829,1017461,1021424,1022595,1022914,1024412,1027301,1030061,1031717,1037890,1046107,1050060,1050231,1053919,1056003,1056365,1056427,1056979,1057199,1058135,1060333,1060682,1061756,1062941,1063026,1063516,1064701,1064926,1065180,1065600,1065639,1065692,1065717,1065866,1066045,1066192,1066213,1066223,1066285,1066382,1066470,1066471,1066472,1066573,1066606,1066629,1067105,1067132,1067494,1067888,1068671,1068978,1068980,1068982,1069270,1069496,1069702,1069793,1069942,1069996,1070006,1070145,1070535,1070767,1070771,1070805,1070825,1070964,1071231,1071693,1071694,1071695,1071833,963575,964944,966170,966172,974590,979928,989261,996376
CVE References: CVE-2017-1000405,CVE-2017-1000410,CVE-2017-11600,CVE-2017-12193,CVE-2017-15115,CVE-2017-16528,CVE-2017-16536,CVE-2017-16537,CVE-2017-16646,CVE-2017-16939,CVE-2017-16994,CVE-2017-17448,CVE-2017-17449,CVE-2017-17450,CVE-2017-7482,CVE-2017-8824
Sources used:
openSUSE Leap 42.2 (src): kernel-debug-4.4.103-18.41.1, kernel-default-4.4.103-18.41.1, kernel-docs-4.4.103-18.41.1, kernel-obs-build-4.4.103-18.41.1, kernel-obs-qa-4.4.103-18.41.1, kernel-source-4.4.103-18.41.1, kernel-syms-4.4.103-18.41.1, kernel-vanilla-4.4.103-18.41.1

openSUSE-SU-2017:3359-1: An update that solves 17 vulnerabilities and has 136 fixes is now available.

Category: security (important)
Bug References: 1010201,1012382,1012523,1015336,1015337,1015340,1015342,1015343,1019675,1020412,1020645,1022595,1022607,1024346,1024373,1024376,1024412,1031717,1032150,1036489,1036800,1037404,1037838,1038299,1039542,1040073,1041873,1042268,1042957,1042977,1042978,1043017,1045404,1046054,1046107,1047901,1047989,1048317,1048327,1048356,1050060,1050231,1051406,1051635,1051987,1052384,1053309,1053919,1055272,1056003,1056365,1056427,1056587,1056596,1056652,1056979,1057079,1057199,1057820,1058413,1059639,1060333,1061756,1062496,1062835,1062941,1063026,1063349,1063516,1064206,1064320,1064591,1064597,1064606,1064701,1064926,1065101,1065180,1065600,1065639,1065692,1065717,1065866,1065959,1066045,1066175,1066192,1066213,1066223,1066285,1066382,1066470,1066471,1066472,1066573,1066606,1066629,1066660,1066696,1066767,1066812,1066974,1067105,1067132,1067225,1067494,1067734,1067735,1067888,1067906,1068671,1068978,1068980,1068982,1069152,1069250,1069270,1069277,1069484,1069496,1069583,1069702,1069721,1069793,1069879,1069916,1069942,1069996,1070001,1070006,1070145,1070169,1070404,1070535,1070767,1070771,1070805,1070825,1070964,1071693,1071694,1071695,1071833,1072589,744692,789311,964944,966170,966172,969470,979928,989261,996376
CVE References: CVE-2017-1000405,CVE-2017-1000410,CVE-2017-11600,CVE-2017-12193,CVE-2017-15115,CVE-2017-16528,CVE-2017-16536,CVE-2017-16537,CVE-2017-16645,CVE-2017-16646,CVE-2017-16939,CVE-2017-16994,CVE-2017-17448,CVE-2017-17449,CVE-2017-17450,CVE-2017-7482,CVE-2017-8824
Sources used:
openSUSE Leap 42.3 (src): kernel-debug-4.4.103-36.1, kernel-default-4.4.103-36.1, kernel-docs-4.4.103-36.1, kernel-obs-build-4.4.103-36.1, kernel-obs-qa-4.4.103-36.1, kernel-source-4.4.103-36.1, kernel-syms-4.4.103-36.1, kernel-vanilla-4.4.103-36.1

SUSE-SU-2017:3398-1: An update that solves 15 vulnerabilities and has 136 fixes is now available.

Category: security (important)
Bug References: 1010201,1012382,1012523,1015336,1015337,1015340,1015342,1015343,1019675,1020412,1020645,1022595,1022607,1024346,1024373,1024376,1024412,1031717,1032150,1036489,1036800,1037404,1037838,1038299,1039542,1040073,1041873,1042268,1042957,1042977,1042978,1043017,1045404,1046054,1046107,1047901,1047989,1048317,1048327,1048356,1050060,1050231,1051406,1051635,1051987,1052384,1053309,1053919,1055272,1056003,1056365,1056427,1056587,1056596,1056652,1056979,1057079,1057199,1057820,1058413,1059639,1060333,1061756,1062496,1062835,1062941,1063026,1063349,1063516,1064206,1064320,1064591,1064597,1064606,1064701,1064926,1065101,1065180,1065600,1065639,1065692,1065717,1065866,1065959,1066045,1066175,1066192,1066213,1066223,1066285,1066382,1066470,1066471,1066472,1066573,1066606,1066629,1066660,1066696,1066767,1066812,1066974,1067105,1067132,1067225,1067494,1067734,1067735,1067888,1067906,1068671,1068978,1068980,1068982,1069152,1069250,1069270,1069277,1069484,1069583,1069721,1069793,1069879,1069916,1069942,1069996,1070001,1070006,1070145,1070169,1070404,1070535,1070767,1070771,1070805,1070825,1070964,1071693,1071694,1071695,1071833,1072589,744692,789311,964944,966170,966172,969470,979928,989261,996376
CVE References: CVE-2017-1000410,CVE-2017-11600,CVE-2017-12193,CVE-2017-15115,CVE-2017-16528,CVE-2017-16536,CVE-2017-16537,CVE-2017-16645,CVE-2017-16646,CVE-2017-16994,CVE-2017-17448,CVE-2017-17449,CVE-2017-17450,CVE-2017-7482,CVE-2017-8824
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP3 (src): kernel-default-4.4.103-6.33.1
SUSE Linux Enterprise Software Development Kit 12-SP3 (src): kernel-docs-4.4.103-6.33.1, kernel-obs-build-4.4.103-6.33.1
SUSE Linux Enterprise Server 12-SP3 (src): kernel-default-4.4.103-6.33.1, kernel-source-4.4.103-6.33.1, kernel-syms-4.4.103-6.33.1
SUSE Linux Enterprise Live Patching 12-SP3 (src): kgraft-patch-SLE12-SP3_Update_6-1-4.3.1
SUSE Linux Enterprise High Availability 12-SP3 (src): kernel-default-4.4.103-6.33.1
SUSE Linux Enterprise Desktop 12-SP3 (src): kernel-default-4.4.103-6.33.1, kernel-source-4.4.103-6.33.1, kernel-syms-4.4.103-6.33.1
SUSE Container as a Service Platform ALL (src): kernel-default-4.4.103-6.33.1

SUSE-SU-2017:3410-1: An update that solves 16 vulnerabilities and has 92 fixes is now available.

Category: security (important)
Bug References: 1010201,1012382,1012829,1017461,1020645,1021424,1022595,1022600,1022914,1024412,1025461,1027301,1028971,1030061,1031717,1034048,1037890,1046107,1050060,1050231,1053919,1055567,1056003,1056365,1056427,1056979,1057199,1058135,1059863,1060333,1060682,1060985,1061451,1061756,1062520,1062941,1062962,1063026,1063460,1063475,1063501,1063509,1063516,1063520,1063695,1064206,1064701,1064926,1065180,1065600,1065639,1065692,1065717,1065866,1066045,1066192,1066213,1066223,1066285,1066382,1066470,1066471,1066472,1066573,1066606,1066629,1067105,1067132,1067494,1067888,1068671,1068978,1068980,1068982,1069270,1069793,1069942,1069996,1070006,1070145,1070535,1070767,1070771,1070805,1070825,1070964,1071231,1071693,1071694,1071695,1071833,963575,964944,966170,966172,966186,966191,966316,966318,969474,969475,969476,969477,971975,974590,979928,989261,996376
CVE References: CVE-2017-1000410,CVE-2017-11600,CVE-2017-12193,CVE-2017-15115,CVE-2017-15265,CVE-2017-16528,CVE-2017-16536,CVE-2017-16537,CVE-2017-16645,CVE-2017-16646,CVE-2017-16994,CVE-2017-17448,CVE-2017-17449,CVE-2017-17450,CVE-2017-7482,CVE-2017-8824
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP2 (src): kernel-default-4.4.103-92.53.1
SUSE Linux Enterprise Software Development Kit 12-SP2 (src): kernel-docs-4.4.103-92.53.1, kernel-obs-build-4.4.103-92.53.1
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (src): kernel-default-4.4.103-92.53.1, kernel-source-4.4.103-92.53.1, kernel-syms-4.4.103-92.53.1
SUSE Linux Enterprise Server 12-SP2 (src): kernel-default-4.4.103-92.53.1, kernel-source-4.4.103-92.53.1, kernel-syms-4.4.103-92.53.1
SUSE Linux Enterprise Live Patching 12 (src): kgraft-patch-SLE12-SP2_Update_16-1-3.3.1
SUSE Linux Enterprise High Availability 12-SP2 (src): kernel-default-4.4.103-92.53.1
SUSE Linux Enterprise Desktop 12-SP2 (src): kernel-default-4.4.103-92.53.1, kernel-source-4.4.103-92.53.1, kernel-syms-4.4.103-92.53.1
OpenStack Cloud Magnum Orchestration 7 (src): kernel-default-4.4.103-92.53.1

SUSE-SU-2018:0011-1: An update that solves 17 vulnerabilities and has 13 fixes is now available.

Category: security (important)
Bug References: 1013018,1024612,1034862,1045479,1045538,1047487,1048185,1050231,1050431,1056982,1063043,1065180,1065600,1066569,1066693,1066973,1068032,1068671,1068984,1069702,1070771,1070964,1071074,1071470,1071695,1072457,1072561,1072876,1073792,1073874
CVE References: CVE-2017-11600,CVE-2017-13167,CVE-2017-14106,CVE-2017-15115,CVE-2017-15868,CVE-2017-16534,CVE-2017-16538,CVE-2017-16939,CVE-2017-17450,CVE-2017-17558,CVE-2017-17805,CVE-2017-17806,CVE-2017-5715,CVE-2017-5753,CVE-2017-5754,CVE-2017-7472,CVE-2017-8824
Sources used:
SUSE Linux Enterprise Software Development Kit 11-SP4 (src): kernel-docs-3.0.101-108.21.2
SUSE Linux Enterprise Server 11-SP4 (src): kernel-bigmem-3.0.101-108.21.1, kernel-default-3.0.101-108.21.1, kernel-ec2-3.0.101-108.21.1, kernel-pae-3.0.101-108.21.1, kernel-ppc64-3.0.101-108.21.1, kernel-source-3.0.101-108.21.1, kernel-syms-3.0.101-108.21.1, kernel-trace-3.0.101-108.21.1, kernel-xen-3.0.101-108.21.1
SUSE Linux Enterprise Server 11-EXTRA (src): kernel-default-3.0.101-108.21.1, kernel-pae-3.0.101-108.21.1, kernel-ppc64-3.0.101-108.21.1, kernel-trace-3.0.101-108.21.1, kernel-xen-3.0.101-108.21.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src): kernel-bigmem-3.0.101-108.21.1, kernel-default-3.0.101-108.21.1, kernel-ec2-3.0.101-108.21.1, kernel-pae-3.0.101-108.21.1, kernel-ppc64-3.0.101-108.21.1, kernel-trace-3.0.101-108.21.1, kernel-xen-3.0.101-108.21.1

SUSE-SU-2018:0031-1: An update that solves 14 vulnerabilities and has three fixes is now available.

Category: security (important)
Bug References: 1012422,1045205,1050231,1066569,1066693,1067678,1068032,1068671,1070771,1070781,1071074,1071470,1071693,1071694,1071695,1072561,1072876
CVE References: CVE-2017-11600,CVE-2017-13167,CVE-2017-15115,CVE-2017-15868,CVE-2017-16534,CVE-2017-16538,CVE-2017-17448,CVE-2017-17449,CVE-2017-17450,CVE-2017-17558,CVE-2017-5715,CVE-2017-5753,CVE-2017-5754,CVE-2017-8824
Sources used:
SUSE OpenStack Cloud 6 (src): kernel-default-3.12.74-60.64.69.1, kernel-source-3.12.74-60.64.69.1, kernel-syms-3.12.74-60.64.69.1, kernel-xen-3.12.74-60.64.69.1, kgraft-patch-SLE12-SP1_Update_24-1-2.3.1
SUSE Linux Enterprise Server for SAP 12-SP1 (src): kernel-default-3.12.74-60.64.69.1, kernel-source-3.12.74-60.64.69.1, kernel-syms-3.12.74-60.64.69.1, kernel-xen-3.12.74-60.64.69.1, kgraft-patch-SLE12-SP1_Update_24-1-2.3.1
SUSE Linux Enterprise Server 12-SP1-LTSS (src): kernel-default-3.12.74-60.64.69.1, kernel-source-3.12.74-60.64.69.1, kernel-syms-3.12.74-60.64.69.1, kernel-xen-3.12.74-60.64.69.1, kgraft-patch-SLE12-SP1_Update_24-1-2.3.1
SUSE Linux Enterprise Module for Public Cloud 12 (src): kernel-ec2-3.12.74-60.64.69.1

SUSE-SU-2018:0040-1: An update that solves 32 vulnerabilities and has 7 fixes is now available.

Category: security (important)
Bug References: 1010175,1034862,1045327,1050231,1052593,1056982,1057179,1057389,1058524,1062520,1063544,1063667,1066295,1066472,1066569,1066573,1066606,1066618,1066625,1066650,1066671,1066693,1066700,1066705,1067085,1068032,1068671,1069702,1069708,1070771,1071074,1071470,1071695,1072561,1072876,1073792,1073874,1074033,999245
CVE References: CVE-2017-1000251,CVE-2017-11600,CVE-2017-13080,CVE-2017-13167,CVE-2017-14106,CVE-2017-14140,CVE-2017-14340,CVE-2017-15102,CVE-2017-15115,CVE-2017-15265,CVE-2017-15274,CVE-2017-15868,CVE-2017-16525,CVE-2017-16527,CVE-2017-16529,CVE-2017-16531,CVE-2017-16534,CVE-2017-16535,CVE-2017-16536,CVE-2017-16537,CVE-2017-16538,CVE-2017-16649,CVE-2017-16939,CVE-2017-17450,CVE-2017-17558,CVE-2017-17805,CVE-2017-17806,CVE-2017-5715,CVE-2017-5753,CVE-2017-5754,CVE-2017-7472,CVE-2017-8824
Sources used:
SUSE Linux Enterprise Server 11-SP3-LTSS (src): kernel-bigsmp-3.0.101-0.47.106.11.1, kernel-default-3.0.101-0.47.106.11.1, kernel-ec2-3.0.101-0.47.106.11.1, kernel-pae-3.0.101-0.47.106.11.1, kernel-source-3.0.101-0.47.106.11.1, kernel-syms-3.0.101-0.47.106.11.1, kernel-trace-3.0.101-0.47.106.11.1, kernel-xen-3.0.101-0.47.106.11.1
SUSE Linux Enterprise Server 11-EXTRA (src): kernel-bigsmp-3.0.101-0.47.106.11.1, kernel-default-3.0.101-0.47.106.11.1, kernel-pae-3.0.101-0.47.106.11.1, kernel-ppc64-3.0.101-0.47.106.11.1, kernel-trace-3.0.101-0.47.106.11.1, kernel-xen-3.0.101-0.47.106.11.1
SUSE Linux Enterprise Point of Sale 11-SP3 (src): kernel-default-3.0.101-0.47.106.11.1, kernel-ec2-3.0.101-0.47.106.11.1, kernel-pae-3.0.101-0.47.106.11.1, kernel-source-3.0.101-0.47.106.11.1, kernel-syms-3.0.101-0.47.106.11.1, kernel-trace-3.0.101-0.47.106.11.1, kernel-xen-3.0.101-0.47.106.11.1
SUSE Linux Enterprise Debuginfo 11-SP3 (src): kernel-bigsmp-3.0.101-0.47.106.11.1, kernel-default-3.0.101-0.47.106.11.1, kernel-ec2-3.0.101-0.47.106.11.1, kernel-pae-3.0.101-0.47.106.11.1, kernel-trace-3.0.101-0.47.106.11.1, kernel-xen-3.0.101-0.47.106.11.1

SUSE-SU-2018:0115-1: An update that solves 14 vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1045205,1050231,1066569,1066693,1068032,1068671,1070771,1070781,1071074,1071470,1071693,1071694,1071695,1072561,1072876
CVE References: CVE-2017-11600,CVE-2017-13167,CVE-2017-15115,CVE-2017-15868,CVE-2017-16534,CVE-2017-16538,CVE-2017-17448,CVE-2017-17449,CVE-2017-17450,CVE-2017-17558,CVE-2017-5715,CVE-2017-5753,CVE-2017-5754,CVE-2017-8824
Sources used:
SUSE Linux Enterprise Server 12-LTSS (src): kernel-default-3.12.61-52.111.1, kernel-source-3.12.61-52.111.1, kernel-syms-3.12.61-52.111.1, kernel-xen-3.12.61-52.111.1
SUSE Linux Enterprise Module for Public Cloud 12 (src): kernel-ec2-3.12.61-52.111.1

SUSE-SU-2018:0180-1: An update that solves 26 vulnerabilities and has 24 fixes is now available.

Category: security (important)
Bug References: 1012917,1013018,1024612,1034862,1045205,1045479,1045538,1047487,1048185,1050231,1050431,1051133,1054305,1056982,1063043,1064803,1064861,1065180,1065600,1066471,1066472,1066569,1066573,1066606,1066618,1066625,1066650,1066671,1066693,1066700,1066705,1066973,1067085,1067816,1067888,1068032,1068671,1068984,1069702,1070771,1070964,1071074,1071470,1071695,1072457,1072561,1072876,1073792,1073874,1074709
CVE References: CVE-2017-11600,CVE-2017-13167,CVE-2017-14106,CVE-2017-15102,CVE-2017-15115,CVE-2017-15868,CVE-2017-16525,CVE-2017-16527,CVE-2017-16529,CVE-2017-16531,CVE-2017-16534,CVE-2017-16535,CVE-2017-16536,CVE-2017-16537,CVE-2017-16538,CVE-2017-16649,CVE-2017-16939,CVE-2017-17450,CVE-2017-17558,CVE-2017-17805,CVE-2017-17806,CVE-2017-5715,CVE-2017-5753,CVE-2017-5754,CVE-2017-7472,CVE-2017-8824
Sources used:
SUSE Linux Enterprise Real Time Extension 11-SP4 (src): kernel-rt-3.0.101.rt130-69.14.1, kernel-rt_trace-3.0.101.rt130-69.14.1, kernel-source-rt-3.0.101.rt130-69.14.1, kernel-syms-rt-3.0.101.rt130-69.14.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src): kernel-rt-3.0.101.rt130-69.14.1, kernel-rt_debug-3.0.101.rt130-69.14.1, kernel-rt_trace-3.0.101.rt130-69.14.1

SUSE-SU-2018:0213-1: An update that solves 22 vulnerabilities and has 72 fixes is now available.

Category: security (important)
Bug References: 1010201,1012382,1012829,1012917,1021424,1022476,1022595,1024412,1027301,1031717,1039616,1046107,1047487,1050060,1050231,1056003,1056365,1056427,1056979,1057199,1060333,1060682,1061756,1062941,1063026,1063043,1063516,1064311,1064926,1065180,1065600,1065639,1065692,1065717,1065866,1066045,1066192,1066213,1066223,1066285,1066382,1066470,1066471,1066472,1066573,1066606,1066629,1067105,1067132,1067494,1067888,1068032,1068671,1068951,1068978,1068980,1068982,1069270,1069496,1069702,1069793,1069942,1069996,1070006,1070145,1070535,1070767,1070771,1070805,1070825,1070964,1071009,1071231,1071693,1071694,1071695,1071833,1072556,1072962,1073090,1073792,1073809,1073874,1073912,1074392,1074709,963575,964063,964944,966170,966172,969470,979928,989261
CVE References: CVE-2017-1000405,CVE-2017-1000410,CVE-2017-11600,CVE-2017-12193,CVE-2017-15115,CVE-2017-16528,CVE-2017-16536,CVE-2017-16537,CVE-2017-16645,CVE-2017-16646,CVE-2017-16939,CVE-2017-16994,CVE-2017-17448,CVE-2017-17449,CVE-2017-17450,CVE-2017-17805,CVE-2017-17806,CVE-2017-5715,CVE-2017-5753,CVE-2017-5754,CVE-2017-7482,CVE-2017-8824
Sources used:
SUSE Linux Enterprise Real Time Extension 12-SP2 (src): kernel-rt-4.4.104-24.1, kernel-rt_debug-4.4.104-24.1, kernel-source-rt-4.4.104-24.1, kernel-syms-rt-4.4.104-24.1

released