Bug 1049882 - (CVE-2017-7542) VUL-0: CVE-2017-7542 kernel: Integer overflow in ip6_find_1stfragopt() causes infinite loop
(CVE-2017-7542)
VUL-0: CVE-2017-7542 kernel: Integer overflow in ip6_find_1stfragopt() causes...
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/188934/
CVSSv2:SUSE:CVE-2017-7542:4.9:(AV:L/...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2017-07-21 13:36 UTC by Johannes Segitz
Modified: 2020-06-12 20:50 UTC (History)
4 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Johannes Segitz 2017-07-21 13:36:11 UTC
https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=6399f1fae4ec29fab5ec76070435555e256ca3a6&context=10&ignorews=0&dt=0

In some cases, offset can overflow and can cause an infinite loop in ip6_find_1stfragopt(). Make it unsigned int to prevent the overflow, and cap it at IPV6_MAXPLEN, since packets larger than that should be invalid.

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1473649
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7542
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7542
Comment 3 Michal Kubeček 2017-07-27 11:51:23 UTC
The function is only called in output path so that it should only be locally
exploitable. In theory, there might be a way to trick the system to send out
a packet that would trigger the issue but it doesn't seem very likely.

As the commit message says, the problem exists at least since the beginning
of git history so that all our maintained branches are affected (the fix has
not been backported into any stable branch yet but it is queued for stable
so that it's going to appear there).
Comment 4 Michal Kubeček 2017-07-28 17:25:45 UTC
The fix is now present in or submitted to (*) all relevant branches:

  stable                  00c59612a9ee
  SLE15                   399d4a0d472d 
  SLE12-SP2               c3588f8724f8 *
  cve/linux-3.12          ae2a855be0b2
  cve/linux-3.0           488271897b69 *
  cve/linux-2.6.32        81636d9c824b *
  cve/linux-2.6.16        842e7118dce3 *

Reassigning back to the security team.
Comment 5 Swamp Workflow Management 2017-08-09 13:18:21 UTC
openSUSE-SU-2017:2110-1: An update that solves 5 vulnerabilities and has 61 fixes is now available.

Category: security (important)
Bug References: 1006180,1011913,1012829,1013887,1022476,1028173,1028286,1029693,1030552,1031515,1031717,1033587,1034075,1034762,1036303,1036632,1037344,1038078,1038616,1039915,1040307,1040351,1041958,1042286,1042314,1042422,1042778,1043652,1044112,1044636,1045154,1045563,1045922,1046682,1046985,1047048,1047096,1047118,1047121,1047152,1047277,1047343,1047354,1047651,1047653,1047670,1048155,1048221,1048317,1048891,1048914,1049483,1049486,1049603,1049645,1049882,1050061,1050188,1051022,1051059,1051239,1051478,1051479,1051663,964063,974215
CVE References: CVE-2017-10810,CVE-2017-11473,CVE-2017-7533,CVE-2017-7541,CVE-2017-7542
Sources used:
openSUSE Leap 42.2 (src):    kernel-debug-4.4.79-18.23.1, kernel-default-4.4.79-18.23.1, kernel-docs-4.4.79-18.23.2, kernel-obs-build-4.4.79-18.23.1, kernel-obs-qa-4.4.79-18.23.1, kernel-source-4.4.79-18.23.1, kernel-syms-4.4.79-18.23.1, kernel-vanilla-4.4.79-18.23.1
Comment 6 Swamp Workflow Management 2017-08-09 13:30:04 UTC
openSUSE-SU-2017:2112-1: An update that solves four vulnerabilities and has 61 fixes is now available.

Category: security (important)
Bug References: 1005778,1011913,1012829,1013887,1016119,1019695,1022476,1022600,1022604,1028286,1030552,1031717,1033587,1036215,1036632,1037838,1039153,1040347,1042257,1042286,1042422,1043598,1044443,1044623,1045404,1045563,1045922,1046651,1046682,1047121,1048146,1048155,1048348,1048421,1048451,1048501,1048891,1048912,1048914,1048916,1048919,1049231,1049289,1049361,1049483,1049486,1049603,1049619,1049645,1049706,1049882,1050061,1050188,1050320,1050322,1051022,1051048,1051059,1051239,1051471,1051478,1051479,1051663,964063,974215
CVE References: CVE-2017-11473,CVE-2017-7533,CVE-2017-7541,CVE-2017-7542
Sources used:
openSUSE Leap 42.3 (src):    kernel-debug-4.4.79-4.2, kernel-default-4.4.79-4.2, kernel-docs-4.4.79-4.2, kernel-obs-build-4.4.79-4.2, kernel-obs-qa-4.4.79-4.2, kernel-source-4.4.79-4.2, kernel-syms-4.4.79-4.2, kernel-vanilla-4.4.79-4.2
Comment 7 Michal Kubeček 2017-08-21 12:29:31 UTC
A follow-up fix has been submitted:

  https://patchwork.ozlabs.org/patch/803216/

But the issue it addresses is only low priority (inability to send packets
of size exactly IPV6_MAXPLEN (65535)) so there is no need to hurry.
Comment 10 Swamp Workflow Management 2017-08-29 16:32:36 UTC
SUSE-SU-2017:2286-1: An update that solves 8 vulnerabilities and has 150 fixes is now available.

Category: security (important)
Bug References: 1005778,1006180,1011913,1012829,1013887,1015337,1015342,1016119,1019151,1019695,1020645,1022476,1022600,1022604,1023175,1024346,1024373,1025461,1026570,1028173,1028286,1029693,1030552,1031515,1031717,1031784,1033587,1034075,1034113,1034762,1036215,1036632,1037344,1037404,1037838,1037994,1038078,1038616,1038792,1039153,1039348,1039915,1040307,1040347,1040351,1041958,1042257,1042286,1042314,1042422,1042778,1043261,1043347,1043520,1043598,1043652,1043805,1043912,1044112,1044443,1044623,1044636,1045154,1045293,1045330,1045404,1045563,1045596,1045709,1045715,1045866,1045922,1045937,1046105,1046170,1046434,1046651,1046655,1046682,1046821,1046985,1047027,1047048,1047096,1047118,1047121,1047152,1047174,1047277,1047343,1047354,1047418,1047506,1047595,1047651,1047653,1047670,1047802,1048146,1048155,1048221,1048317,1048348,1048356,1048421,1048451,1048501,1048891,1048912,1048914,1048916,1048919,1049231,1049289,1049298,1049361,1049483,1049486,1049603,1049619,1049645,1049706,1049882,1050061,1050188,1050211,1050320,1050322,1050677,1051022,1051048,1051059,1051239,1051399,1051471,1051478,1051479,1051556,1051663,1051689,1051979,1052049,1052223,1052311,1052325,1052365,1052442,1052533,1052709,1052773,1052794,1052899,1052925,1053043,1053117,964063,974215,998664
CVE References: CVE-2017-1000111,CVE-2017-1000112,CVE-2017-10810,CVE-2017-11473,CVE-2017-7533,CVE-2017-7541,CVE-2017-7542,CVE-2017-8831
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP3 (src):    kernel-default-4.4.82-6.3.1
SUSE Linux Enterprise Software Development Kit 12-SP3 (src):    kernel-docs-4.4.82-6.3.5, kernel-obs-build-4.4.82-6.3.3
SUSE Linux Enterprise Server 12-SP3 (src):    kernel-default-4.4.82-6.3.1, kernel-source-4.4.82-6.3.1, kernel-syms-4.4.82-6.3.1
SUSE Linux Enterprise Live Patching 12-SP3 (src):    kgraft-patch-SLE12-SP3_Update_1-1-2.1
SUSE Linux Enterprise High Availability 12-SP3 (src):    kernel-default-4.4.82-6.3.1
SUSE Linux Enterprise Desktop 12-SP3 (src):    kernel-default-4.4.82-6.3.1, kernel-source-4.4.82-6.3.1, kernel-syms-4.4.82-6.3.1
Comment 11 Swamp Workflow Management 2017-09-04 19:34:42 UTC
SUSE-SU-2017:2342-1: An update that solves 44 vulnerabilities and has 135 fixes is now available.

Category: security (important)
Bug References: 1003077,1005651,1008374,1008850,1008893,1012422,1013018,1013070,1013800,1013862,1016489,1017143,1018074,1018263,1018446,1019168,1020229,1021256,1021913,1022971,1023014,1023051,1023163,1023888,1024508,1024788,1024938,1025235,1025702,1026024,1026260,1026722,1026914,1027066,1027101,1027178,1027565,1028372,1028415,1028880,1029140,1029212,1029770,1029850,1030213,1030552,1030573,1030593,1030814,1031003,1031052,1031440,1031579,1032141,1032340,1032471,1033287,1033336,1033771,1033794,1033804,1033816,1034026,1034670,1035576,1035777,1035920,1036056,1036288,1036629,1037182,1037183,1037191,1037193,1037227,1037232,1037233,1037356,1037358,1037359,1037441,1038544,1038879,1038981,1038982,1039258,1039348,1039354,1039456,1039594,1039882,1039883,1039885,1040069,1040351,1041160,1041431,1041762,1041975,1042045,1042200,1042615,1042633,1042687,1042832,1043014,1043234,1043935,1044015,1044125,1044216,1044230,1044854,1044882,1044913,1044985,1045154,1045340,1045356,1045406,1045416,1045525,1045538,1045547,1045615,1046107,1046122,1046192,1046715,1047027,1047053,1047343,1047354,1047487,1047523,1047653,1048185,1048221,1048232,1048275,1049483,1049603,1049688,1049882,1050154,1050431,1051478,1051515,1051770,784815,792863,799133,870618,909486,909618,911105,919382,928138,931620,938352,943786,948562,962257,970956,971975,972891,979021,982783,983212,985561,986362,986365,986924,988065,989056,990682,991651,995542,999245
CVE References: CVE-2014-9922,CVE-2015-3288,CVE-2015-8970,CVE-2016-10200,CVE-2016-2188,CVE-2016-4997,CVE-2016-4998,CVE-2016-5243,CVE-2016-7117,CVE-2017-1000363,CVE-2017-1000364,CVE-2017-1000365,CVE-2017-1000380,CVE-2017-11176,CVE-2017-11473,CVE-2017-2636,CVE-2017-2647,CVE-2017-2671,CVE-2017-5669,CVE-2017-5970,CVE-2017-5986,CVE-2017-6074,CVE-2017-6214,CVE-2017-6348,CVE-2017-6353,CVE-2017-6951,CVE-2017-7184,CVE-2017-7187,CVE-2017-7261,CVE-2017-7294,CVE-2017-7308,CVE-2017-7482,CVE-2017-7487,CVE-2017-7533,CVE-2017-7542,CVE-2017-7616,CVE-2017-8890,CVE-2017-8924,CVE-2017-8925,CVE-2017-9074,CVE-2017-9075,CVE-2017-9076,CVE-2017-9077,CVE-2017-9242
Sources used:
SUSE Linux Enterprise Real Time Extension 11-SP4 (src):    kernel-rt-3.0.101.rt130-69.5.1, kernel-rt_trace-3.0.101.rt130-69.5.1, kernel-source-rt-3.0.101.rt130-69.5.1, kernel-syms-rt-3.0.101.rt130-69.5.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    kernel-rt-3.0.101.rt130-69.5.1, kernel-rt_debug-3.0.101.rt130-69.5.1, kernel-rt_trace-3.0.101.rt130-69.5.1
Comment 12 Swamp Workflow Management 2017-09-08 16:25:40 UTC
SUSE-SU-2017:2389-1: An update that solves 21 vulnerabilities and has 92 fixes is now available.

Category: security (important)
Bug References: 1000365,1000380,1012422,1013018,1015452,1023051,1029140,1029850,1030552,1030593,1030814,1032340,1032471,1034026,1034670,1035576,1035721,1035777,1035920,1036056,1036288,1036629,1037191,1037193,1037227,1037232,1037233,1037356,1037358,1037359,1037441,1038544,1038879,1038981,1038982,1039258,1039354,1039456,1039594,1039882,1039883,1039885,1040069,1040351,1041160,1041431,1041762,1041975,1042045,1042615,1042633,1042687,1042832,1042863,1043014,1043234,1043935,1044015,1044125,1044216,1044230,1044854,1044882,1044913,1045154,1045356,1045416,1045479,1045487,1045525,1045538,1045547,1045615,1046107,1046192,1046715,1047027,1047053,1047343,1047354,1047487,1047523,1047653,1048185,1048221,1048232,1048275,1049128,1049483,1049603,1049688,1049882,1050154,1050431,1051478,1051515,1051770,1055680,784815,792863,799133,909618,919382,928138,938352,943786,948562,962257,971975,972891,986924,990682,995542
CVE References: CVE-2014-9922,CVE-2016-10277,CVE-2017-1000363,CVE-2017-1000365,CVE-2017-1000380,CVE-2017-11176,CVE-2017-11473,CVE-2017-2647,CVE-2017-6951,CVE-2017-7482,CVE-2017-7487,CVE-2017-7533,CVE-2017-7542,CVE-2017-8890,CVE-2017-8924,CVE-2017-8925,CVE-2017-9074,CVE-2017-9075,CVE-2017-9076,CVE-2017-9077,CVE-2017-9242
Sources used:
SUSE Linux Enterprise Software Development Kit 11-SP4 (src):    kernel-docs-3.0.101-108.7.2
SUSE Linux Enterprise Server 11-SP4 (src):    kernel-bigmem-3.0.101-108.7.1, kernel-default-3.0.101-108.7.1, kernel-ec2-3.0.101-108.7.1, kernel-pae-3.0.101-108.7.1, kernel-ppc64-3.0.101-108.7.1, kernel-source-3.0.101-108.7.1, kernel-syms-3.0.101-108.7.1, kernel-trace-3.0.101-108.7.1, kernel-xen-3.0.101-108.7.1
SUSE Linux Enterprise Server 11-EXTRA (src):    kernel-default-3.0.101-108.7.1, kernel-pae-3.0.101-108.7.1, kernel-ppc64-3.0.101-108.7.1, kernel-trace-3.0.101-108.7.1, kernel-xen-3.0.101-108.7.1
SUSE Linux Enterprise Real Time Extension 11-SP4 (src):    cluster-network-1.4-2.32.2.14, drbd-kmp-8.4.4-0.27.2.13, gfs2-2-0.24.2.14, ocfs2-1.6-0.28.3.4
SUSE Linux Enterprise High Availability Extension 11-SP4 (src):    cluster-network-1.4-2.32.2.14, drbd-8.4.4-0.27.2.1, drbd-kmp-8.4.4-0.27.2.13, gfs2-2-0.24.2.14, ocfs2-1.6-0.28.3.4
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    drbd-8.4.4-0.27.2.1, kernel-bigmem-3.0.101-108.7.1, kernel-default-3.0.101-108.7.1, kernel-ec2-3.0.101-108.7.1, kernel-pae-3.0.101-108.7.1, kernel-ppc64-3.0.101-108.7.1, kernel-trace-3.0.101-108.7.1, kernel-xen-3.0.101-108.7.1
Comment 14 Swamp Workflow Management 2017-09-19 13:19:25 UTC
SUSE-SU-2017:2525-1: An update that solves 40 vulnerabilities and has 44 fixes is now available.

Category: security (important)
Bug References: 1006919,1012422,1013862,1017143,1020229,1021256,1023051,1024938,1025013,1025235,1026024,1026722,1026914,1027066,1027101,1027178,1027179,1027406,1028415,1028880,1029212,1029850,1030213,1030573,1030575,1030593,1031003,1031052,1031440,1031481,1031579,1031660,1033287,1033336,1034670,1034838,1035576,1037182,1037183,1037994,1038544,1038564,1038879,1038883,1038981,1038982,1039349,1039354,1039456,1039594,1039882,1039883,1039885,1040069,1041431,1042364,1042863,1042892,1044125,1045416,1045487,1046107,1048232,1048275,1049483,1049603,1049882,1050677,1052311,1053148,1053152,1053760,1056588,870618,948562,957988,957990,963655,972891,979681,983212,986924,989896,999245
CVE References: CVE-2016-10200,CVE-2016-5243,CVE-2017-1000112,CVE-2017-1000363,CVE-2017-1000365,CVE-2017-1000380,CVE-2017-10661,CVE-2017-11176,CVE-2017-11473,CVE-2017-12762,CVE-2017-14051,CVE-2017-2647,CVE-2017-2671,CVE-2017-5669,CVE-2017-5970,CVE-2017-5986,CVE-2017-6074,CVE-2017-6214,CVE-2017-6348,CVE-2017-6353,CVE-2017-6951,CVE-2017-7184,CVE-2017-7187,CVE-2017-7261,CVE-2017-7294,CVE-2017-7308,CVE-2017-7482,CVE-2017-7487,CVE-2017-7533,CVE-2017-7542,CVE-2017-7616,CVE-2017-8831,CVE-2017-8890,CVE-2017-8924,CVE-2017-8925,CVE-2017-9074,CVE-2017-9075,CVE-2017-9076,CVE-2017-9077,CVE-2017-9242
Sources used:
SUSE Linux Enterprise Server 11-SP3-LTSS (src):    kernel-bigsmp-3.0.101-0.47.106.5.1, kernel-default-3.0.101-0.47.106.5.1, kernel-ec2-3.0.101-0.47.106.5.1, kernel-pae-3.0.101-0.47.106.5.1, kernel-source-3.0.101-0.47.106.5.1, kernel-syms-3.0.101-0.47.106.5.1, kernel-trace-3.0.101-0.47.106.5.1, kernel-xen-3.0.101-0.47.106.5.1
SUSE Linux Enterprise Server 11-EXTRA (src):    kernel-bigsmp-3.0.101-0.47.106.5.1, kernel-default-3.0.101-0.47.106.5.1, kernel-pae-3.0.101-0.47.106.5.1, kernel-trace-3.0.101-0.47.106.5.1, kernel-xen-3.0.101-0.47.106.5.1
SUSE Linux Enterprise Point of Sale 11-SP3 (src):    kernel-default-3.0.101-0.47.106.5.1, kernel-ec2-3.0.101-0.47.106.5.1, kernel-pae-3.0.101-0.47.106.5.1, kernel-source-3.0.101-0.47.106.5.1, kernel-syms-3.0.101-0.47.106.5.1, kernel-trace-3.0.101-0.47.106.5.1, kernel-xen-3.0.101-0.47.106.5.1
SUSE Linux Enterprise Debuginfo 11-SP3 (src):    kernel-bigsmp-3.0.101-0.47.106.5.1, kernel-default-3.0.101-0.47.106.5.1, kernel-ec2-3.0.101-0.47.106.5.1, kernel-pae-3.0.101-0.47.106.5.1, kernel-trace-3.0.101-0.47.106.5.1, kernel-xen-3.0.101-0.47.106.5.1
Comment 15 Swamp Workflow Management 2017-10-27 16:44:21 UTC
SUSE-SU-2017:2869-1: An update that solves 16 vulnerabilities and has 120 fixes is now available.

Category: security (important)
Bug References: 1006180,1011913,1012382,1012829,1013887,1019151,1020645,1020657,1021424,1022476,1022743,1022967,1023175,1024405,1028173,1028286,1029693,1030552,1030850,1031515,1031717,1031784,1033587,1034048,1034075,1034762,1036303,1036632,1037344,1037404,1037994,1038078,1038583,1038616,1038792,1039915,1040307,1040351,1041958,1042286,1042314,1042422,1042778,1043652,1044112,1044636,1045154,1045563,1045922,1046682,1046821,1046985,1047027,1047048,1047096,1047118,1047121,1047152,1047277,1047343,1047354,1047487,1047651,1047653,1047670,1048155,1048221,1048317,1048891,1048893,1048914,1048934,1049226,1049483,1049486,1049580,1049603,1049645,1049882,1050061,1050188,1051022,1051059,1051239,1051399,1051478,1051479,1051556,1051663,1051790,1052049,1052223,1052533,1052580,1052593,1052709,1052773,1052794,1052888,1053117,1053802,1053915,1053919,1054084,1055013,1055096,1055359,1055493,1055755,1055896,1056261,1056588,1056827,1056982,1057015,1058038,1058116,1058410,1058507,1059051,1059465,1060197,1061017,1061046,1061064,1061067,1061172,1061831,1061872,1063667,1064206,1064388,964063,971975,974215,981309
CVE References: CVE-2017-1000252,CVE-2017-10810,CVE-2017-11472,CVE-2017-11473,CVE-2017-12134,CVE-2017-12153,CVE-2017-12154,CVE-2017-13080,CVE-2017-14051,CVE-2017-14106,CVE-2017-14489,CVE-2017-15649,CVE-2017-7518,CVE-2017-7541,CVE-2017-7542,CVE-2017-8831
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP2 (src):    kernel-default-4.4.90-92.45.1
SUSE Linux Enterprise Software Development Kit 12-SP2 (src):    kernel-docs-4.4.90-92.45.3, kernel-obs-build-4.4.90-92.45.1
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (src):    kernel-default-4.4.90-92.45.1, kernel-source-4.4.90-92.45.1, kernel-syms-4.4.90-92.45.1
SUSE Linux Enterprise Server 12-SP2 (src):    kernel-default-4.4.90-92.45.1, kernel-source-4.4.90-92.45.1, kernel-syms-4.4.90-92.45.1
SUSE Linux Enterprise Live Patching 12 (src):    kgraft-patch-SLE12-SP2_Update_14-1-2.4
SUSE Linux Enterprise High Availability 12-SP2 (src):    kernel-default-4.4.90-92.45.1
SUSE Linux Enterprise Desktop 12-SP2 (src):    kernel-default-4.4.90-92.45.1, kernel-source-4.4.90-92.45.1, kernel-syms-4.4.90-92.45.1
SUSE Container as a Service Platform ALL (src):    kernel-default-4.4.90-92.45.1
OpenStack Cloud Magnum Orchestration 7 (src):    kernel-default-4.4.90-92.45.1
Comment 16 Swamp Workflow Management 2017-10-30 18:30:50 UTC
SUSE-SU-2017:2908-1: An update that solves 30 vulnerabilities and has 38 fixes is now available.

Category: security (important)
Bug References: 1001459,1012985,1023287,1027149,1028217,1030531,1030552,1031515,1033960,1034405,1035531,1035738,1037182,1037183,1037994,1038544,1038564,1038879,1038883,1038981,1038982,1039348,1039354,1039456,1039721,1039864,1039882,1039883,1039885,1040069,1041160,1041429,1041431,1042696,1042832,1042863,1044125,1045327,1045487,1045922,1046107,1048275,1048788,1049645,1049882,1053148,1053152,1053317,1056588,1056982,1057179,1058410,1058507,1058524,1059863,1062471,1062520,1063667,1064388,856774,860250,863764,878240,922855,922871,986924,993099,994364
CVE References: CVE-2017-1000363,CVE-2017-1000365,CVE-2017-1000380,CVE-2017-10661,CVE-2017-11176,CVE-2017-12153,CVE-2017-12154,CVE-2017-12762,CVE-2017-13080,CVE-2017-14051,CVE-2017-14106,CVE-2017-14140,CVE-2017-15265,CVE-2017-15274,CVE-2017-15649,CVE-2017-7482,CVE-2017-7487,CVE-2017-7518,CVE-2017-7541,CVE-2017-7542,CVE-2017-7889,CVE-2017-8831,CVE-2017-8890,CVE-2017-8924,CVE-2017-8925,CVE-2017-9074,CVE-2017-9075,CVE-2017-9076,CVE-2017-9077,CVE-2017-9242
Sources used:
SUSE OpenStack Cloud 6 (src):    kernel-default-3.12.74-60.64.63.1, kernel-source-3.12.74-60.64.63.1, kernel-syms-3.12.74-60.64.63.1, kernel-xen-3.12.74-60.64.63.1, kgraft-patch-SLE12-SP1_Update_22-1-2.1
SUSE Linux Enterprise Server for SAP 12-SP1 (src):    kernel-default-3.12.74-60.64.63.1, kernel-source-3.12.74-60.64.63.1, kernel-syms-3.12.74-60.64.63.1, kernel-xen-3.12.74-60.64.63.1, kgraft-patch-SLE12-SP1_Update_22-1-2.1
SUSE Linux Enterprise Server 12-SP1-LTSS (src):    kernel-default-3.12.74-60.64.63.1, kernel-source-3.12.74-60.64.63.1, kernel-syms-3.12.74-60.64.63.1, kernel-xen-3.12.74-60.64.63.1, kgraft-patch-SLE12-SP1_Update_22-1-2.1
SUSE Linux Enterprise Module for Public Cloud 12 (src):    kernel-ec2-3.12.74-60.64.63.1
Comment 17 Swamp Workflow Management 2017-11-02 17:19:02 UTC
SUSE-SU-2017:2920-1: An update that solves 36 vulnerabilities and has 22 fixes is now available.

Category: security (important)
Bug References: 1008353,1012422,1017941,1029850,1030593,1032268,1034405,1034670,1035576,1035877,1036752,1037182,1037183,1037306,1037994,1038544,1038879,1038981,1038982,1039348,1039349,1039354,1039456,1039721,1039882,1039883,1039885,1040069,1041431,1041958,1044125,1045327,1045487,1045922,1046107,1047408,1048275,1049645,1049882,1052593,1053148,1053152,1056588,1056982,1057179,1058038,1058410,1058507,1058524,1062520,1063667,1064388,938162,975596,977417,984779,985562,990682
CVE References: CVE-2015-9004,CVE-2016-10229,CVE-2016-9604,CVE-2017-1000363,CVE-2017-1000365,CVE-2017-1000380,CVE-2017-10661,CVE-2017-11176,CVE-2017-12153,CVE-2017-12154,CVE-2017-12762,CVE-2017-13080,CVE-2017-14051,CVE-2017-14106,CVE-2017-14140,CVE-2017-15265,CVE-2017-15274,CVE-2017-15649,CVE-2017-2647,CVE-2017-6951,CVE-2017-7482,CVE-2017-7487,CVE-2017-7518,CVE-2017-7541,CVE-2017-7542,CVE-2017-7889,CVE-2017-8106,CVE-2017-8831,CVE-2017-8890,CVE-2017-8924,CVE-2017-8925,CVE-2017-9074,CVE-2017-9075,CVE-2017-9076,CVE-2017-9077,CVE-2017-9242
Sources used:
SUSE Linux Enterprise Server 12-LTSS (src):    kernel-default-3.12.61-52.101.1, kernel-source-3.12.61-52.101.1, kernel-syms-3.12.61-52.101.1, kernel-xen-3.12.61-52.101.1, kgraft-patch-SLE12_Update_28-1-8.1
SUSE Linux Enterprise Module for Public Cloud 12 (src):    kernel-ec2-3.12.61-52.101.1
Comment 18 Swamp Workflow Management 2017-11-08 20:22:34 UTC
SUSE-SU-2017:2956-1: An update that solves 17 vulnerabilities and has 113 fixes is now available.

Category: security (important)
Bug References: 1005917,1006180,1011913,1012382,1012829,1013887,1018419,1019151,1020645,1020657,1020685,1021424,1022476,1022743,1023175,1024405,1028173,1028286,1028819,1029693,1030552,1030850,1031515,1031717,1031784,1033587,1034048,1034075,1034762,1036303,1036632,1037344,1037404,1037994,1038078,1038583,1038616,1038792,1038846,1038847,1039354,1039915,1040307,1040351,1041958,1042286,1042314,1042422,1042778,1043652,1044112,1044636,1045154,1045563,1045922,1046682,1046821,1046985,1047027,1047048,1047096,1047118,1047121,1047152,1047277,1047343,1047354,1047487,1047651,1047653,1047670,1048155,1048221,1048317,1048891,1048893,1048914,1048934,1049226,1049483,1049486,1049580,1049603,1049645,1049882,1050061,1050188,1051022,1051059,1051239,1051399,1051478,1051479,1051556,1051663,1051790,1052049,1052223,1052311,1052365,1052533,1052580,1052709,1052773,1052794,1052888,1053117,1053802,1053915,1054084,1055013,1055096,1055359,1056261,1056588,1056827,1056982,1057015,1057389,1058038,1058116,1058507,963619,964063,964944,971975,974215,981309,988784,993890
CVE References: CVE-2017-1000111,CVE-2017-1000112,CVE-2017-1000251,CVE-2017-1000252,CVE-2017-1000365,CVE-2017-10810,CVE-2017-11472,CVE-2017-11473,CVE-2017-12134,CVE-2017-12154,CVE-2017-14051,CVE-2017-14106,CVE-2017-7518,CVE-2017-7533,CVE-2017-7541,CVE-2017-7542,CVE-2017-8831
Sources used:
SUSE Linux Enterprise Real Time Extension 12-SP2 (src):    kernel-rt-4.4.88-18.1, kernel-rt_debug-4.4.88-18.1, kernel-source-rt-4.4.88-18.1, kernel-syms-rt-4.4.88-18.1
Comment 19 Marcus Meissner 2018-02-09 06:45:04 UTC
released