Bug 999932 - (CVE-2016-7425) VUL-0: CVE-2016-7425: kernel-source: SCSI arcmsr driver: Buffer overflow in arcmsr_iop_message_xfer()
(CVE-2016-7425)
VUL-0: CVE-2016-7425: kernel-source: SCSI arcmsr driver: Buffer overflow in a...
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/172707/
CVSSv2:SUSE:CVE-2016-7425:4.4:(AV:L/A...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2016-09-20 14:11 UTC by Victor Pereira
Modified: 2020-06-08 23:22 UTC (History)
7 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Victor Pereira 2016-09-20 14:11:10 UTC
rh#1377330

A heap-buffer overflow vulnerability was found in the Linux kernel. This can potentially cause kernel heap corruption and arbitraty kernel code execution.

Upstream patch:

http://marc.info/?l=linux-scsi&m=147394713328707&w=2



References:
https://bugzilla.redhat.com/show_bug.cgi?id=1377330
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7425
http://seclists.org/oss-sec/2016/q3/540
Comment 1 Swamp Workflow Management 2016-09-20 22:01:00 UTC
bugbot adjusting priority
Comment 3 Borislav Petkov 2016-09-23 13:55:30 UTC
cve/linux-3.12: pushed.
Comment 4 Borislav Petkov 2016-09-23 17:13:04 UTC
SLE12-SP2: pushed to for-update branch which will be merged when GM comes out.

Can be cherry-picked if required earlier.

   a56b84d9e652..dc57564de6fd  HEAD -> users/bpetkov/SLE12-SP2/for-update
updating local tracking ref 'refs/remotes/origin/users/bpetkov/SLE12-SP2/for-update'
Comment 5 Borislav Petkov 2016-09-25 11:40:12 UTC
Pushed to the remaining branches. Bouncing back.

openSUSE-42.1: 		30c1c30fe202..4d6f98a0c11c  HEAD -> users/bpetkov/openSUSE-42.1/for-next
openSUSE-13.2: 		d292629aba34..e2dba6b38392  HEAD -> users/bpetkov/openSUSE-13.2/for-next
master:			1847ef5b0ce6..60fc5122058d  HEAD -> users/bpetkov/master/for-next
stable:			14295d654073..135aa2250485  HEAD -> users/bpetkov/stable/for-next
cve/linux-3.0:		74288bf90847..6ad9befe9eb4  HEAD -> users/bpetkov/cve/linux-3.0/for-next
cve/linux-2.6.32: 530ff40b5482..e057ec787d19  HEAD -> users/bpetkov/cve/linux-2.6.32/for-next
cve/linux-2.6.16:	[new branch]                HEAD -> users/bpetkov/cve/linux-2.6.16/for-next
Comment 6 Swamp Workflow Management 2016-10-21 15:15:21 UTC
openSUSE-SU-2016:2583-1: An update that solves four vulnerabilities and has 21 fixes is now available.

Category: security (important)
Bug References: 1000287,1000304,1000907,1001462,1001486,1004418,1004462,1005101,799133,881008,909994,911687,922634,963655,972460,978094,979681,987703,991247,991665,993890,993891,996664,999600,999932
CVE References: CVE-2016-5195,CVE-2016-7039,CVE-2016-7425,CVE-2016-8658
Sources used:
openSUSE Leap 42.1 (src):    drbd-8.4.6-10.1, hdjmod-1.28-26.1, ipset-6.25.1-7.1, kernel-debug-4.1.34-33.1, kernel-default-4.1.34-33.1, kernel-docs-4.1.34-33.3, kernel-ec2-4.1.34-33.1, kernel-obs-build-4.1.34-33.1, kernel-obs-qa-4.1.34-33.1, kernel-obs-qa-xen-4.1.34-33.1, kernel-pae-4.1.34-33.1, kernel-pv-4.1.34-33.1, kernel-source-4.1.34-33.1, kernel-syms-4.1.34-33.1, kernel-vanilla-4.1.34-33.1, kernel-xen-4.1.34-33.1, lttng-modules-2.7.0-4.1, pcfclock-0.44-268.1, vhba-kmp-20140928-7.1
Comment 7 Swamp Workflow Management 2016-10-25 17:14:45 UTC
openSUSE-SU-2016:2625-1: An update that solves 12 vulnerabilities and has 19 fixes is now available.

Category: security (important)
Bug References: 1000287,1001486,1003077,1003925,1003931,1004045,1004418,1004462,881008,909994,911687,922634,951155,960689,978094,980371,986570,989152,991247,991608,991665,993890,993891,994296,994520,994748,994752,994759,996664,999600,999932
CVE References: CVE-2015-7513,CVE-2015-8956,CVE-2016-0823,CVE-2016-1237,CVE-2016-5195,CVE-2016-5696,CVE-2016-6327,CVE-2016-6480,CVE-2016-6828,CVE-2016-7117,CVE-2016-7425,CVE-2016-8658
Sources used:
openSUSE 13.2 (src):    bbswitch-0.8-3.22.1, cloop-2.639-14.22.1, crash-7.0.8-22.1, hdjmod-1.28-18.23.1, ipset-6.23-22.1, kernel-debug-3.16.7-45.1, kernel-default-3.16.7-45.1, kernel-desktop-3.16.7-45.1, kernel-docs-3.16.7-45.2, kernel-ec2-3.16.7-45.1, kernel-obs-build-3.16.7-45.1, kernel-obs-qa-3.16.7-45.1, kernel-obs-qa-xen-3.16.7-45.1, kernel-pae-3.16.7-45.1, kernel-source-3.16.7-45.1, kernel-syms-3.16.7-45.1, kernel-vanilla-3.16.7-45.1, kernel-xen-3.16.7-45.1, pcfclock-0.44-260.22.1, vhba-kmp-20140629-2.22.1, virtualbox-5.0.28-54.2, xen-4.4.4_05-51.2, xtables-addons-2.6-24.1
Comment 8 Swamp Workflow Management 2016-11-21 15:30:03 UTC
An update workflow for this issue was started.
This issue was rated as important.
Please submit fixed packages until 2016-11-28.
When done, reassign the bug to security-team@suse.de.
https://swamp.suse.de/webswamp/wf/63212
Comment 9 Swamp Workflow Management 2016-11-25 16:34:07 UTC
SUSE-SU-2016:2912-1: An update that solves 11 vulnerabilities and has 111 fixes is now available.

Category: security (important)
Bug References: 1000189,1000287,1000304,1000776,1001419,1001486,1002165,1003079,1003153,1003400,1003568,1003866,1003925,1003964,1004252,1004462,1004517,1004520,1005666,1006691,1007615,1007886,744692,772786,789311,857397,860441,865545,866130,868923,874131,876463,898675,904489,909994,911687,915183,921338,921784,922064,922634,924381,924384,930399,931454,934067,937086,937888,940545,941420,946309,955446,956514,959463,961257,962846,966864,967640,970943,971975,971989,974406,974620,975596,975772,976195,977687,978094,979451,979928,982783,983619,984194,984419,984779,984992,985562,986445,987192,987333,987542,987565,987621,987805,988440,988617,988715,989152,989953,990245,991247,991608,991665,992244,992555,992591,992593,992712,993392,993841,993890,993891,994296,994438,994520,994748,995153,995968,996664,997059,997299,997708,997896,998689,998795,998825,999577,999584,999600,999779,999907,999932
CVE References: CVE-2015-8956,CVE-2016-5696,CVE-2016-6130,CVE-2016-6327,CVE-2016-6480,CVE-2016-6828,CVE-2016-7042,CVE-2016-7097,CVE-2016-7425,CVE-2016-8658,CVE-2016-8666
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP1 (src):    kernel-default-3.12.67-60.64.18.1
SUSE Linux Enterprise Software Development Kit 12-SP1 (src):    kernel-docs-3.12.67-60.64.18.3, kernel-obs-build-3.12.67-60.64.18.1
SUSE Linux Enterprise Server 12-SP1 (src):    kernel-default-3.12.67-60.64.18.1, kernel-source-3.12.67-60.64.18.1, kernel-syms-3.12.67-60.64.18.1, kernel-xen-3.12.67-60.64.18.1
SUSE Linux Enterprise Module for Public Cloud 12 (src):    kernel-ec2-3.12.67-60.64.18.1
SUSE Linux Enterprise Live Patching 12 (src):    kgraft-patch-SLE12-SP1_Update_9-1-6.3
SUSE Linux Enterprise Desktop 12-SP1 (src):    kernel-default-3.12.67-60.64.18.1, kernel-source-3.12.67-60.64.18.1, kernel-syms-3.12.67-60.64.18.1, kernel-xen-3.12.67-60.64.18.1
Comment 10 Swamp Workflow Management 2016-11-28 14:57:28 UTC
An update workflow for this issue was started.
This issue was rated as important.
Please submit fixed packages until 2016-12-05.
When done, reassign the bug to security-team@suse.de.
https://swamp.suse.de/webswamp/wf/63229
Comment 11 Swamp Workflow Management 2016-12-02 15:39:21 UTC
SUSE-SU-2016:2976-1: An update that solves 13 vulnerabilities and has 87 fixes is now available.

Category: security (important)
Bug References: 1000189,1001419,1002165,1003077,1003344,1003568,1003677,1003866,1003925,1004517,1004520,1005857,1005896,1005903,1006917,1006919,1007944,763198,771065,799133,803320,839104,843236,860441,863873,865783,871728,907611,908458,908684,909077,909350,909484,909618,909994,911687,915183,920016,922634,922947,928138,929141,934760,951392,956514,960689,963655,967716,968010,968014,971975,971989,973203,974620,976867,977687,979514,979595,979681,980371,982218,982783,983535,983619,984102,984194,984992,985206,986337,986362,986365,986445,987565,988440,989152,989261,989764,989779,991608,991665,991923,992566,993127,993890,993891,994296,994436,994618,994759,994926,995968,996329,996664,997708,998399,998689,999584,999600,999907,999932
CVE References: CVE-2013-4312,CVE-2015-7513,CVE-2015-8956,CVE-2016-0823,CVE-2016-3841,CVE-2016-4998,CVE-2016-5696,CVE-2016-6480,CVE-2016-6828,CVE-2016-7042,CVE-2016-7097,CVE-2016-7117,CVE-2016-7425
Sources used:
SUSE Linux Enterprise Software Development Kit 11-SP4 (src):    kernel-docs-3.0.101-88.3
SUSE Linux Enterprise Server 11-SP4 (src):    kernel-bigmem-3.0.101-88.1, kernel-default-3.0.101-88.1, kernel-ec2-3.0.101-88.1, kernel-pae-3.0.101-88.1, kernel-ppc64-3.0.101-88.1, kernel-source-3.0.101-88.1, kernel-syms-3.0.101-88.1, kernel-trace-3.0.101-88.1, kernel-xen-3.0.101-88.1
SUSE Linux Enterprise Server 11-EXTRA (src):    kernel-default-3.0.101-88.1, kernel-pae-3.0.101-88.1, kernel-ppc64-3.0.101-88.1, kernel-trace-3.0.101-88.1, kernel-xen-3.0.101-88.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    kernel-bigmem-3.0.101-88.1, kernel-default-3.0.101-88.1, kernel-ec2-3.0.101-88.1, kernel-pae-3.0.101-88.1, kernel-ppc64-3.0.101-88.1, kernel-trace-3.0.101-88.1, kernel-xen-3.0.101-88.1
Comment 12 Swamp Workflow Management 2016-12-06 12:37:08 UTC
openSUSE-SU-2016:3021-1: An update that solves 12 vulnerabilities and has 118 fixes is now available.

Category: security (important)
Bug References: 1000189,1000287,1000304,1000776,1001419,1001486,1002165,1003079,1003153,1003400,1003568,1003866,1003925,1004252,1004418,1004462,1004517,1004520,1005666,1006691,1007615,1007886,744692,772786,789311,799133,857397,860441,865545,866130,868923,874131,875631,876145,876463,898675,904489,909994,911687,915183,921338,921784,922064,922634,924381,924384,930399,931454,934067,937086,937888,940545,941420,946309,954986,955446,956514,959463,961257,962846,963655,963767,966864,967640,970943,971975,971989,974406,974620,975596,975772,976195,977687,978094,979451,979681,979928,982783,983619,984194,984419,984779,984992,985562,986445,987192,987333,987542,987565,987621,987805,988440,988617,988715,989152,989953,990245,991247,991608,991665,992244,992555,992591,992593,992712,993392,993841,993890,993891,994296,994438,994520,994748,994758,995153,995968,996664,997059,997299,997708,997896,998689,998795,998825,999577,999584,999600,999779,999907,999932
CVE References: CVE-2013-5634,CVE-2015-8956,CVE-2016-2069,CVE-2016-5696,CVE-2016-6130,CVE-2016-6327,CVE-2016-6480,CVE-2016-6828,CVE-2016-7042,CVE-2016-7097,CVE-2016-7425,CVE-2016-8658
Sources used:
openSUSE 13.1 (src):    cloop-2.639-11.36.1, crash-7.0.2-2.36.1, hdjmod-1.28-16.36.1, ipset-6.21.1-2.40.1, iscsitarget-1.4.20.3-13.36.1, kernel-debug-3.12.67-58.1, kernel-default-3.12.67-58.1, kernel-desktop-3.12.67-58.1, kernel-docs-3.12.67-58.2, kernel-ec2-3.12.67-58.1, kernel-pae-3.12.67-58.1, kernel-source-3.12.67-58.1, kernel-syms-3.12.67-58.1, kernel-trace-3.12.67-58.1, kernel-vanilla-3.12.67-58.1, kernel-xen-3.12.67-58.1, ndiswrapper-1.58-37.1, openvswitch-1.11.0-0.43.1, pcfclock-0.44-258.37.1, vhba-kmp-20130607-2.36.1, virtualbox-4.2.36-2.68.1, xen-4.3.4_10-69.1, xtables-addons-2.3-2.35.1
Comment 13 Swamp Workflow Management 2016-12-09 17:25:33 UTC
SUSE-SU-2016:3069-1: An update that solves 11 vulnerabilities and has 49 fixes is now available.

Category: security (important)
Bug References: 1000189,1001419,1002165,1004418,732582,839104,843236,909994,911687,915183,920016,934760,951392,956514,960689,963655,971975,971989,974620,976867,977687,979514,979595,979681,980371,982218,982783,983535,983619,984102,984194,984992,985206,986362,986365,986445,987565,988440,989152,989261,989779,991608,991665,991923,992566,993127,993890,993891,994296,994436,994618,994759,994926,996329,996664,997708,998399,999584,999600,999932
CVE References: CVE-2013-4312,CVE-2015-7513,CVE-2016-0823,CVE-2016-3841,CVE-2016-4997,CVE-2016-4998,CVE-2016-5195,CVE-2016-5696,CVE-2016-6480,CVE-2016-6828,CVE-2016-7425
Sources used:
SUSE Linux Enterprise Real Time Extension 11-SP4 (src):    kernel-rt-3.0.101.rt130-65.1, kernel-rt_trace-3.0.101.rt130-65.1, kernel-source-rt-3.0.101.rt130-65.1, kernel-syms-rt-3.0.101.rt130-65.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    kernel-rt-3.0.101.rt130-65.1, kernel-rt_debug-3.0.101.rt130-65.1, kernel-rt_trace-3.0.101.rt130-65.1
Comment 14 Swamp Workflow Management 2016-12-30 17:39:56 UTC
SUSE-SU-2016:3304-1: An update that solves 13 vulnerabilities and has 118 fixes is now available.

Category: security (important)
Bug References: 1000189,1000287,1000304,1000776,1001419,1001486,1002165,1003079,1003153,1003400,1003568,1003925,1004252,1004418,1004462,1004517,1004520,1005666,1006691,1007615,1007886,744692,789311,857397,860441,865545,866130,868923,874131,875631,876145,876463,898675,904489,909994,911687,915183,921338,921784,922064,922634,924381,924384,930399,934067,937086,937888,941420,946309,955446,956514,959463,961257,962846,963655,963767,966864,967640,970943,971975,971989,974406,974620,975596,975772,976195,977687,978094,979451,979681,979928,980371,981597,982783,983619,984194,984419,984779,984992,985562,986362,986365,986445,987192,987333,987542,987565,987621,987805,988440,988617,988715,989152,989953,990058,990245,991247,991608,991665,991667,992244,992555,992568,992591,992593,992712,993392,993841,993890,993891,994167,994296,994438,994520,994758,995153,995968,996664,997059,997299,997708,997896,998689,998795,998825,999577,999584,999600,999779,999907,999932
CVE References: CVE-2015-8956,CVE-2016-2069,CVE-2016-4998,CVE-2016-5195,CVE-2016-5696,CVE-2016-6130,CVE-2016-6327,CVE-2016-6480,CVE-2016-6828,CVE-2016-7042,CVE-2016-7097,CVE-2016-7425,CVE-2016-8658
Sources used:
SUSE Linux Enterprise Real Time Extension 12-SP1 (src):    kernel-compute-3.12.67-60.27.1, kernel-compute_debug-3.12.67-60.27.1, kernel-rt-3.12.67-60.27.1, kernel-rt_debug-3.12.67-60.27.1, kernel-source-rt-3.12.67-60.27.1, kernel-syms-rt-3.12.67-60.27.1
Comment 15 Swamp Workflow Management 2017-01-17 18:45:32 UTC
SUSE-SU-2017:0181-1: An update that solves 13 vulnerabilities and has 127 fixes is now available.

Category: security (important)
Bug References: 1000118,1000189,1000287,1000304,1000433,1000776,1001169,1001171,1001310,1001462,1001486,1001888,1002322,1002770,1002786,1003068,1003566,1003581,1003606,1003813,1003866,1003964,1004048,1004052,1004252,1004365,1004517,1005169,1005327,1005545,1005666,1005745,1005895,1005917,1005921,1005923,1005925,1005929,1006103,1006175,1006267,1006528,1006576,1006804,1006809,1006827,1006915,1006918,1007197,1007615,1007653,1007955,1008557,1008979,1009062,1009969,1010040,1010158,1010444,1010478,1010507,1010665,1010690,1010970,1011176,1011250,1011913,1012060,1012094,1012452,1012767,1012829,1012992,1013001,1013479,1013531,1013700,1014120,1014392,1014701,1014710,1015212,1015359,1015367,1015416,799133,914939,922634,963609,963655,963904,964462,966170,966172,966186,966191,966316,966318,966325,966471,969474,969475,969476,969477,969756,971975,971989,972993,974313,974842,974843,978907,979378,979681,981825,983087,983152,983318,985850,986255,986987,987641,987703,987805,988524,988715,990384,992555,993739,993841,993891,994881,995278,997059,997639,997807,998054,998689,999907,999932
CVE References: CVE-2015-1350,CVE-2015-8964,CVE-2016-7039,CVE-2016-7042,CVE-2016-7425,CVE-2016-7913,CVE-2016-7917,CVE-2016-8645,CVE-2016-8666,CVE-2016-9083,CVE-2016-9084,CVE-2016-9793,CVE-2016-9919
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP2 (src):    kernel-default-4.4.38-93.1
SUSE Linux Enterprise Software Development Kit 12-SP2 (src):    kernel-docs-4.4.38-93.3, kernel-obs-build-4.4.38-93.1
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (src):    kernel-default-4.4.38-93.1, kernel-source-4.4.38-93.1, kernel-syms-4.4.38-93.1
SUSE Linux Enterprise Server 12-SP2 (src):    kernel-default-4.4.38-93.1, kernel-source-4.4.38-93.1, kernel-syms-4.4.38-93.1
SUSE Linux Enterprise Live Patching 12 (src):    kgraft-patch-SLE12-SP2_Update_4-1-2.1
SUSE Linux Enterprise High Availability 12-SP2 (src):    kernel-default-4.4.38-93.1
SUSE Linux Enterprise Desktop 12-SP2 (src):    kernel-default-4.4.38-93.1, kernel-source-4.4.38-93.1, kernel-syms-4.4.38-93.1
Comment 16 Swamp Workflow Management 2017-01-30 19:26:46 UTC
SUSE-SU-2017:0333-1: An update that solves 46 vulnerabilities and has 31 fixes is now available.

Category: security (important)
Bug References: 1003077,1003925,1004517,1007944,1008645,1008831,1008833,1009443,1010150,1010467,1010501,1010507,1010711,1010716,1011482,1011685,1012422,1012832,1013038,1013531,1013542,1014746,1017710,1021258,835175,839104,863873,874145,896484,908069,914939,922947,927287,940966,950998,954984,956514,958000,960689,963053,967716,968500,969340,971360,971944,978401,978821,979213,979274,979548,979595,979879,979915,980363,980371,980725,981267,983143,983213,984755,986362,986365,986445,986572,989261,991608,991665,992566,993890,993891,994296,994436,994618,994759,995968,997059,999932
CVE References: CVE-2004-0230,CVE-2012-6704,CVE-2013-4312,CVE-2015-1350,CVE-2015-7513,CVE-2015-7833,CVE-2015-8956,CVE-2015-8962,CVE-2015-8964,CVE-2016-0823,CVE-2016-10088,CVE-2016-1583,CVE-2016-2187,CVE-2016-2189,CVE-2016-3841,CVE-2016-4470,CVE-2016-4482,CVE-2016-4485,CVE-2016-4565,CVE-2016-4569,CVE-2016-4578,CVE-2016-4580,CVE-2016-4805,CVE-2016-4913,CVE-2016-4997,CVE-2016-4998,CVE-2016-5244,CVE-2016-5829,CVE-2016-6480,CVE-2016-6828,CVE-2016-7042,CVE-2016-7097,CVE-2016-7117,CVE-2016-7425,CVE-2016-7910,CVE-2016-7911,CVE-2016-7916,CVE-2016-8399,CVE-2016-8632,CVE-2016-8633,CVE-2016-8646,CVE-2016-9555,CVE-2016-9685,CVE-2016-9756,CVE-2016-9793,CVE-2017-5551
Sources used:
SUSE Linux Enterprise Server 11-SP2-LTSS (src):    kernel-default-3.0.101-0.7.53.1, kernel-ec2-3.0.101-0.7.53.1, kernel-pae-3.0.101-0.7.53.1, kernel-source-3.0.101-0.7.53.1, kernel-syms-3.0.101-0.7.53.1, kernel-trace-3.0.101-0.7.53.1, kernel-xen-3.0.101-0.7.53.1
SUSE Linux Enterprise Debuginfo 11-SP2 (src):    kernel-default-3.0.101-0.7.53.1, kernel-ec2-3.0.101-0.7.53.1, kernel-pae-3.0.101-0.7.53.1, kernel-trace-3.0.101-0.7.53.1, kernel-xen-3.0.101-0.7.53.1
Comment 17 Swamp Workflow Management 2017-02-15 20:22:39 UTC
SUSE-SU-2017:0471-1: An update that solves 34 vulnerabilities and has 48 fixes is now available.

Category: security (important)
Bug References: 1003153,1003925,1004462,1004517,1005666,1007197,1008833,1008979,1009969,1010040,1010475,1010478,1010501,1010502,1010507,1010612,1010711,1010716,1011820,1012422,1013038,1013531,1013540,1013542,1014746,1016482,1017410,1017589,1017710,1019300,1019851,1020602,1021258,881008,915183,958606,961257,970083,971989,976195,978094,980371,980560,981038,981597,981709,982282,982544,983619,983721,983977,984148,984419,984755,985978,986362,986365,986445,986569,986572,986811,986941,987542,987565,987576,989152,990384,991608,991665,993392,993890,993891,994296,994748,994881,995968,997708,998795,999584,999600,999932,999943
CVE References: CVE-2014-9904,CVE-2015-8956,CVE-2015-8962,CVE-2015-8963,CVE-2015-8964,CVE-2016-10088,CVE-2016-4470,CVE-2016-4998,CVE-2016-5696,CVE-2016-5828,CVE-2016-5829,CVE-2016-6130,CVE-2016-6327,CVE-2016-6480,CVE-2016-6828,CVE-2016-7042,CVE-2016-7097,CVE-2016-7425,CVE-2016-7910,CVE-2016-7911,CVE-2016-7913,CVE-2016-7914,CVE-2016-8399,CVE-2016-8633,CVE-2016-8645,CVE-2016-8658,CVE-2016-9083,CVE-2016-9084,CVE-2016-9756,CVE-2016-9793,CVE-2016-9806,CVE-2017-2583,CVE-2017-2584,CVE-2017-5551
Sources used:
SUSE Linux Enterprise Server for SAP 12 (src):    kernel-default-3.12.61-52.66.1, kernel-source-3.12.61-52.66.1, kernel-syms-3.12.61-52.66.1, kernel-xen-3.12.61-52.66.1, kgraft-patch-SLE12_Update_19-1-2.1
SUSE Linux Enterprise Server 12-LTSS (src):    kernel-default-3.12.61-52.66.1, kernel-source-3.12.61-52.66.1, kernel-syms-3.12.61-52.66.1, kernel-xen-3.12.61-52.66.1, kgraft-patch-SLE12_Update_19-1-2.1
SUSE Linux Enterprise Module for Public Cloud 12 (src):    kernel-ec2-3.12.61-52.66.1
Comment 18 Swamp Workflow Management 2017-02-17 17:23:00 UTC
SUSE-SU-2017:0494-1: An update that solves 27 vulnerabilities and has 48 fixes is now available.

Category: security (important)
Bug References: 1001419,1002165,1003077,1003253,1003925,1004517,1007944,1008374,1008645,1008831,1008833,1008850,1009875,1010150,1010467,1010501,1010507,1010711,1010713,1010716,1011685,1011820,1012183,1012422,1012832,1012851,1012852,1012895,1013038,1013042,1013531,1013542,1014454,1014746,1015878,1017710,1018446,1019079,1019783,1021258,821612,824171,914939,929141,935436,956514,961923,966826,967716,969340,973691,979595,987576,989152,989261,991665,992566,992569,992906,992991,993890,993891,994296,994618,994759,995968,996329,996541,996557,997059,997401,997708,998689,999932,999943
CVE References: CVE-2004-0230,CVE-2012-6704,CVE-2015-1350,CVE-2015-8956,CVE-2015-8962,CVE-2015-8964,CVE-2015-8970,CVE-2016-0823,CVE-2016-10088,CVE-2016-3841,CVE-2016-6828,CVE-2016-7042,CVE-2016-7097,CVE-2016-7117,CVE-2016-7425,CVE-2016-7910,CVE-2016-7911,CVE-2016-7916,CVE-2016-8399,CVE-2016-8632,CVE-2016-8633,CVE-2016-8646,CVE-2016-9555,CVE-2016-9685,CVE-2016-9756,CVE-2016-9793,CVE-2017-5551
Sources used:
SUSE OpenStack Cloud 5 (src):    kernel-bigsmp-3.0.101-0.47.96.1, kernel-default-3.0.101-0.47.96.1, kernel-ec2-3.0.101-0.47.96.1, kernel-source-3.0.101-0.47.96.1, kernel-syms-3.0.101-0.47.96.1, kernel-trace-3.0.101-0.47.96.1, kernel-xen-3.0.101-0.47.96.1
SUSE Manager Proxy 2.1 (src):    kernel-bigsmp-3.0.101-0.47.96.1, kernel-default-3.0.101-0.47.96.1, kernel-ec2-3.0.101-0.47.96.1, kernel-source-3.0.101-0.47.96.1, kernel-syms-3.0.101-0.47.96.1, kernel-trace-3.0.101-0.47.96.1, kernel-xen-3.0.101-0.47.96.1
SUSE Manager 2.1 (src):    kernel-bigsmp-3.0.101-0.47.96.1, kernel-default-3.0.101-0.47.96.1, kernel-ec2-3.0.101-0.47.96.1, kernel-source-3.0.101-0.47.96.1, kernel-syms-3.0.101-0.47.96.1, kernel-trace-3.0.101-0.47.96.1, kernel-xen-3.0.101-0.47.96.1
SUSE Linux Enterprise Server 11-SP3-LTSS (src):    kernel-bigsmp-3.0.101-0.47.96.1, kernel-default-3.0.101-0.47.96.1, kernel-ec2-3.0.101-0.47.96.1, kernel-pae-3.0.101-0.47.96.1, kernel-source-3.0.101-0.47.96.1, kernel-syms-3.0.101-0.47.96.1, kernel-trace-3.0.101-0.47.96.1, kernel-xen-3.0.101-0.47.96.1
SUSE Linux Enterprise Server 11-EXTRA (src):    kernel-bigsmp-3.0.101-0.47.96.1, kernel-default-3.0.101-0.47.96.1, kernel-pae-3.0.101-0.47.96.1, kernel-ppc64-3.0.101-0.47.96.1, kernel-trace-3.0.101-0.47.96.1, kernel-xen-3.0.101-0.47.96.1
SUSE Linux Enterprise Point of Sale 11-SP3 (src):    kernel-default-3.0.101-0.47.96.1, kernel-ec2-3.0.101-0.47.96.1, kernel-pae-3.0.101-0.47.96.1, kernel-source-3.0.101-0.47.96.1, kernel-syms-3.0.101-0.47.96.1, kernel-trace-3.0.101-0.47.96.1, kernel-xen-3.0.101-0.47.96.1
SUSE Linux Enterprise Debuginfo 11-SP3 (src):    kernel-bigsmp-3.0.101-0.47.96.1, kernel-default-3.0.101-0.47.96.1, kernel-ec2-3.0.101-0.47.96.1, kernel-pae-3.0.101-0.47.96.1, kernel-trace-3.0.101-0.47.96.1, kernel-xen-3.0.101-0.47.96.1
Comment 19 Marcus Meissner 2017-03-02 13:04:37 UTC
released
Comment 20 Bernhard Wiedemann 2017-03-30 08:03:15 UTC
This is an autogenerated message for OBS integration:
This bug (999932) was mentioned in
https://build.opensuse.org/request/show/483729 42.1 / kernel-source